Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Best Practices for Using Tripwire Enterprise in Dynamic Environments - Part 1

Just a few years ago, most IT environments were made up of deployed servers on which personnel installed applications, oftentimes as many as that one system could handle. They then remained and ran that way for years. In the meantime, the IT team maintained the system and updated the applications as needed. Sometimes there were test versions of those systems, but this wasn’t often. Even then, the OS often didn’t match the production version of the same system.

SIEM Deployment Checklist

SIEM deployment process can be rather involved and overwhelming since SIEM can offer a wide array of solutions for different needs of your organization. In this blog post, we discussed the deployment process of SIEM and added a brief checklist. SIEM tools have been one of the most topical tools in the industry for a while now. They offer a wide range of solutions to organizations from various backgrounds and sectors.

Disturbing Cybersecurity Trends In Aviation

Aviation is a component of critical infrastructure that is comprised of a complex web of public and private organizations relying on millions of assets to move people and cargo around the world. The industry supports countless critical functions such as emergency response, community access, agricultural support, passenger services, national security, law enforcement, border security, intermodal connections to rail and shipping, and much more.

Medical apps & privacy: where are we?

Image Source: Unsplash Finding a new health-related app that tracks symptoms, increases self-care behaviors, or offers disease-specific education can be exciting for consumers. However, many apps share information with a host of other companies for marketing purposes. Often, these companies have nothing to do with healthcare and are not even a business the individual uses.

How to Secure Kubernetes Using Cloud SIEM?

Kubernetes, commonly called K8s, is an open-source container management system developed by Google. Containers and tools like Kubernetes enable automation of many aspects of application deployment, which provides tremendous benefits to businesses. K8s is just as vulnerable to attacks and cybercrime as traditional environments, in both public and private clouds. In this blog post, we’ve compiled everything you need to know to make sure your Kubernetes environment is safe. Here is what we tackle.

The Top 10 Highest Paying Jobs in Information Security - Part 2

Information security is an exciting and rapidly growing field for individuals who are interested in protecting users and their data. In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.

FedRAMP Low, Moderate, High: Understanding Security Baseline Levels

The Federal Risk and Authorization Management Program (FedRAMP) is a federal program that ensures that the proper level of information security is in place when U.S. government agencies access cloud products and cloud services. FedRAMP standardizes the approach to security assessment, authorization, and continuous monitoring of cloud service providers (CSPs). FedRAMP grants authorizations to CSPs at three impact levels: low, medium, and high.

How to justify your cybersecurity budget in 2019

It’s less expensive to prevent cyber attacks than it is to repair the damage when they happen. Companies and institutions across industries lose money from cyber attacks all the time. There are the more obvious ways like piracy, data breaches, and litigation. There are also ways that accountants can’t quite put a dollar figure on, such as reputational damage that makes customers and clientele less likely to want to buy a company’s products and services in the future.

How to Secure Outbound Emails

When it comes to securing email, most network admins focus on inbound security threats. This is understandable considering the threat viruses, malware, phishing and spear-phishing attacks pose to an organisation. But inbound threats aren’t the only threat organisations need to protect against. Outbound email poses a significant risk as well. Should an email server become compromised it can send out SPAM messages to all your contacts.

How Will the CMMC Impact My Business and How Can We Prepare? Part 2 of 3

In part one of this series, I addressed what DoD contractors could be doing to prepare for the CMMC security level rating. In part two of the series, I want to discuss our customers’ concerns about the possible impacts of having their company’s security rating made public. According to the CMMC FAQ, all companies conducting business with the DoD must be certified (not just those who handle CUI), and the level of certification for each company will be made public.