Security and IT teams may be loathe to admit it, but security has historically been mostly a reactive affair. Security engineers monitored for threats and responded when they detected one. They may have also taken steps to harden their systems against breaches, but they didn’t proactively fight the threats themselves. That is changing as more and more teams add threat hunting as one pillar of their cybersecurity strategies.

Attackers have long used phishing emails with malicious Microsoft Office documents, often hosted in popular cloud apps like Box and Amazon S3 to increase the chances of a successful lure. The techniques being used with Office documents are continuing to evolve. In August – September of 2020, we analyzed samples that used advanced techniques like: In January 2021, we examined samples that use obfuscation and embedded XSL scripts to download payloads.

On June 28, we announced new features within Forward Enterprise that help security engineers spend less time on reactive tasks so they can be more proactive. Why would a networking company expand into the security space? Good question. Let me share some of the reasoning that led to expanding deeper into this space, and why I am excited about it.

“Speed is the new currency of business.” Chairman and CEO of Salesforce Marc R. Benioff’s words are especially potent today as many organizations small and large look for ways to speed up production during their shifts to digital. In software development, speed is a critical factor. Everything from shifting priorities to manual processes and siloed teams can seriously impede deployment schedules.

These days, it’s not a matter if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 543 sites comprising 11.4 billion accounts. This includes well-known names like Wattpad, MySpace, and Facebook. This is an 84% increase in the number of sites and a 115% increase in the number of accounts from when I published the first version of this article in 2018.

Modern complex systems are easy to develop and deploy but extremely difficult to observe. Their IT Ops data gets very messy. If you have ever worked with modern Ops teams, you will know this. There are multiple issues with data, from collection to processing to storage to getting proper insights at the right time. I will try to group and simplify them as much as possible and suggest possible solutions to do it right.

PCI compliance isn’t just good for customers; it’s also good for business. Merchants that fall short of PCI compliance standards not only put their customer data at risk, they also may face hefty fines. The PCI Compliance Guide reports that fines and penalties can range from $5,000 to $100,000 per month for the merchant.

Dropbox is known for being a convenient file sharing and storage tool. For over a decade, Dropbox has allowed teams to collaborate cross- functionally by providing a single source of truth. With files being managed and synced to a central location, teams can work together without issues of version control. Even in a post- Google Drive and OneDrive era, Dropbox remains important, as not everyone uses the same productivity suites.

Since launching in 2015, MITRE’s ATT&CK framework has been the cybersecurity industry standard for understanding cyber-attacks and their kill chains. Now the BLADE framework is set to develop a similar understanding of business logic attacks fueled by malicious bots. In this post, we will look at why MITRE ATT&CK is so important and examine why BLADE is needed now more than ever.

A quality management system (QMS) is a system that documents the policies, business processes, and procedures necessary for an organization to create and deliver its products or services to its customers, and therefore increase customer satisfaction through high product quality. In short, a QMS helps a company meet its regulatory requirements and customer requirements, and make continuous improvements to its operations.