Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

Finally Some Good News: NERC Proposes Deferment of 3 CIP standards

Amidst all the pandemic doom and gloom, we finally have something positive come from the chaos: NERC filed a motion recently (April 6, 2020) to defer three Critical Infrastructure Protection (CIP) Reliability Standards (as well as 1 PER, and 3 PRC standards) for three months due to the national emergency declared on March 13th by President Trump. As the original implementation date was July 1, 2020, this means that should FERC approve the motion, the new implementation date would be October 1, 2020.

The Cyber Threat Intelligence Analyst - Speaking Your Languge

One item that comes up a lot in conversations is how security teams or IT teams struggle to speak the “business language” to business leaders, mainly to members of the senior leadership that make the final decisions on spending and investments. This problem could have its roots in IT, and later security, teams historically having their management lines within the accounting department, ultimately being accountable to the Chief Financial Officer.

Why use Typha in your Calico Kubernetes Deployments?

Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal. In this blog, we will focus on Kubernetes pod networking and network security using Calico. Calico uses etcd as the back-end datastore. When you run Calico on Kubernetes, you can use the same etcd datastore through the Kubernetes API server.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).

What is a Vulnerability Management Program?

Vulnerability Management is the cornerstone of information security programs. Cybersecurity practitioners leverage vulnerability management programs to identify, classify, prioritize, remediate, and mitigate vulnerabilities most often found in software and networks. Vulnerability assessments, while not mutually exclusive with vulnerability management, are generally part of a vulnerability management program in order to identify, quantify, and prioritize vulnerabilities in a system.

Common focal points of DoS attacks

This blog was written by an independent guest blogger. Is your company at risk of a Denial of Service (DoS) attack? If so, which areas are particularly vulnerable? Think it’s a crazy question? Think again. In 2020, 16 DDoS attacks take place every minute. DoS attacks require fewer resources, and so pose an even greater threat. In this post, we’ll discuss what a DoS attack is and how it differs from a Distributed Denial of Service (DDoS) attack.

COVID-19 Scam Roundup - April 6, 2020

Digital fraudsters have seized upon coronavirus 2019 (COVID-19) as a lure for their new scams and attack campaigns. Together, these malicious operations constitute nothing short of a deluge. Barracuda revealed that it spotted 9,116 coronavirus-themed spear-phishing emails between March 1 and March 23, 2020—a 667% increase over the 1,188 attacks detected a month earlier. By comparison, the security firm spotted just 137 coronavirus-themed email campaigns in January.