Cloud storage misconfigurations continue to become more prevalent and problematic for organizations as they expand their cloud infrastructure, driving the importance of technologies such as cloud security posture management (CSPM) as crucial tools for protectors everywhere. Consider the recently reported public exposure of data associated with some Microsoft customers and prospects.

Threat actors constantly unleash phishing attacks that use emails or text messages containing domains or URLs, all designed to impersonate well-known companies and trick users into visiting fake websites and entering their logon or other confidential information. Unfortunately, many users fall prey to such attacks, unknowingly giving threat actors access to their work or personal accounts.

When discussing cybersecurity, “penetration testing” and “red teaming” are two terms that are often used interchangeably but are two entirely separate concepts. If you are considering implementing additional cybersecurity protocols within your organization, it’s essential to understand the unique role and function of each of these processes and how they can benefit your organization.

Consolidation is not a new word when it comes to security vendors. As companies grow, needs change, and new technologies develop, different vendors merging has become a common sight. Gartner has been tracking these consolidation trends, and what those trends highlight is two things.

Back in 2018, GitHub celebrated 100 million open source repositories, and it has only been growing since then. How can you make sure your sensitive credentials and authentication tokens aren’t exposed to access by the public? Read this blogpost to learn how to save your API keys and other important data from being disclosed.

Understanding Active Directory (AD) permissions is vital for cybersecurity, compliance and business continuity. In this blog, we’ll be going over, at a high level, how Active Directory permission are applied in a domain and how to view them natively. The most common way to apply Active Directory permissions is through the tool Active Directory Users and Computers (ADUC). There are two ways in ADUC to apply permissions: This blog post will cover both of these options.

Since 2014, the National Institute of Standards and Technology (NIST), a U.S. federal agency, has issued guidelines for managing digital identities via Special Publication 800-63B. The latest revision (rev. 3) was released in 2017, and has been updated as recently as 2019. Revision 4 was made available for comment and review; however, revision 3 is still the standard as of the time of this blog post.

This post walks you through the steps of setting up a point-to-site VPN connection from a Windows server running Netwrix StealthAUDIT, so you can discover and monitor all your Azure SQL databases.

‍Dark web monitoring is the process of tracking your organization’s information on the dark web. Dark web monitoring solutions can scan through billions of pages on the internet to find leaked or stolen information, such as compromised passwords, credentials, intellectual property, and other sensitive data being shared and sold among cybercriminals operating on the dark web.

In this third post in our series on Malicious Software Packages, we’ll focus on the aftermath of a successful attack and how the attacker executes payloads to serve their needs through various real-life scenarios. Before we start, let’s review a few highlights from the second post you might’ve missed: Now, let’s get to blog three in the series.