Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The Five Stages of Vulnerability Management

A key to having a good information security program within your organization is having a good vulnerability management program. Most, if not all, regulatory policies and information security frameworks advise having a strong vulnerability management program as one of the first things an organization should do when building their information security program. The Center for Internet Security specifically lists it as number three in the Top 20 CIS Controls.

36 Computing Milestones Every Tech Person Should Know

I was recently asked what I thought were the most significant points in the history of computing. It made me realize most people coming into high tech don’t have a basic understanding of the history of computing, which is important to understand future trends, how products work, and the relationships among computing elements in the technology stack.

AT&T to Acquire AlienVault

DALLAS, July 10, 2018 — AT&T today announced its plans to acquire AlienVault®, a privately held company based in San Mateo, Calif. The agreement has been approved by both companies. The acquisition of AlienVault will enable AT&T to expand its enterprise-grade security solutions portfolio and offerings to millions of small and medium-sized businesses.

Don't Let Malware Hold You Ransom

Ransomware is a relatively new form of malware that poses significant threats to computer networks, even those with effective security systems. It masquerades as legitimate software and uses encryption protocols, like those designed to protect personal information, to lock down files and hold data for ransom. In addition to the increased frequency of attacks, hackers are continuing to grow more sophisticated, targeting high profile businesses that can afford to pay higher ransoms.

Procedures: Runbook Automation that Works

One of the challenges of building and running information technology systems is solving novel problems. That's where frameworks like scrum and agile come in– getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every single time. Here runbooks, checklists, and documentation are your friend.

6 Steps for Establishing and Maintaining Digital Integrity

To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs and other crucial information. Second, it protects system integrity to make sure applications, endpoints and networks perform their intended functions without degradation or impairment.

Why is Log Management More Important Than Ever?

It has now become public knowledge that every business organization is under constant threats in the ever-evolving cyberspace. In order to secure their assets and maintain a strong defence against the actors with malicious intent, an organization takes a number of steps such as installing appropriate software and hardware, implementing security controls, etc. One such step is log management which plays a crucial role during a security incident.

What happened when we hacked an expo?

Last year we exhibited at a major information security trade show in London, during the preparation for this we received our exhibitor passes as “print yourself” PDF files. We immediately noticed that there are two forms of barcode here and, interestingly, the QR Code seems quite dense given that all it should be storing is a delegate ID number. Being the inquisitive sort of people that we are, we started up a QR scanner and had a look at its contents.

7 Questions for Evaluating your Security Posture against Insider Threats

Insider threats top the list of the most dangerous cyber risks for organizations worldwide. It doesn’t take much effort for insiders to steal your sensitive data, while such activities are hard to discover and impossible to prevent. Unfortunately, lack of visibility into user behavior is one of the key reasons why companies suffer from data breaches that involve either human negligence or malicious intent.