Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

How Can Logs Be Useful?

From performance information to fault and intrusion detection, logs can provide you a lot more things with regard to what is happening on your systems and network along with the timestamps and order of the events. Logs can be invaluable for resource management, instruction detection, and troubleshooting. More importantly, logs can provide an admissible evidence for forensic purposes in the aftermath of an incident. The following sections provide a deep dive into some use-cases of logs.

Data Security Requirements for Federal Contractors

Federal contractors are private entities that fulfill governmental needs. As such, they are trusted with sensitive, private federal information which makes them obvious targets for cyber attacks. The government has recently ramped up data security requirements for federal contractors, demanding more software, hardware and accountability from them.

Bypassing and exploiting Bucket Upload Policies and Signed URLs

TL;DR Bucket upload policies are a convenient way to upload data to a bucket directly from the client. Going through the rules in upload policies and the logic related to some file-access scenarios we show how full bucket object listings were exposed with the ability to also modify or delete existing files in the bucket.

ITIL, the Change Management Process and Tripwire Enterprise

When I speak with clients about their approach to managing their IT services, many organisations mention ITIL practices as a cornerstone to their approach. This is hardly surprising since the ITIL framework describes a sensible methodology for IT management, looking at the use of technology through the lens of what the business needs.

EventSentry v3.5 Released: Windows Process Monitoring to the Max, Registry Tracking, Tags & More

EventSentry v3.5 continues to increase visibility into networks with additional vantage points, making it easier for EventSentry users to reduce their attack surface as well as discover anomalies.

False Positive or the Real Deal?

An ominous flashing red light on a blacked-out computer screen means the promise of a threat. It was 21:26 on a Sunday night and an Intrusion Prevention System (IPS) alert shot across one of our screens. A security analyst usually has just minutes to respond, carry out an investigation on behalf of the organisation under threat and make a critical decision.

Autonomous cars: Data will drive the future

You might have not noticed it, but we are on the verge of a disruptive change in the way we humans transport ourselves. In the next five to ten years the way we think about – and take – our daily commute, our holiday vacation, trips to the market – anything that involves transport over a distance too great to walk – will dramatically change.

Questions You Should Ask Your Cloud-Based Log Management Service Provider

The log management service is often outsourced to a third-party service provider due to the complexity of the process involved in the collection of logs. When a business plans for outsourcing log management to a service provider, business requirements must be given a top-most priority. To start with, a business must identify the goals it desires to accomplish through log management. After locating the required resources, the decision-making body should select a vendor for availing its services.