Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Building a Superstar SOC with Automation and Standardization

When you have a team of security analysts that have a wide range of expertise, knowledge, and experience, it is natural to see the difference in the quality of work performed. One of the biggest challenges that security operation managers face when auditing the work performed is that some team members may execute different steps at different levels of rigor when investigating and remediating threats.

How to Make Your Zoom Meetings More Secure

During the first months of the last year, Zoom was a little known video conferencing platform with a few million users. However, the spread of Coronavirus across the globe forced businesses and organizations to make changes in their working models. Among them was adopting remote working practices, fostered by several communication and collaboration tools. This is where Zoom's popularity surged, with remote workers using the tool to conduct virtual meetings. However, the explosive popularity of Zoom created several cybersecurity ramifications. The unexpected growth exposed the platform to various security faults, vulnerabilities, and hackers. That said, below are some of the best practices to keep your Zoom meetings secure.

ManageEngine makes the cut again for unified endpoint management

There’s no doubt in my mind that Gartner Midmarket Context: Magic Quadrant report is the most important of all Magic Quadrants up to this point. With COVID-19 forcing a large amount of the workforce worldwide to move from their offices to work-from-home environments, unified endpoint management and security has been essential in enabling businesses to continue to operate securely. At ManageEngine, we are constantly evolving our solutions to meet these dynamic market needs.

Stories from the SOC - Beaconing Activity

Beaconing analysis is one of the most effective methods for threat hunting on your network. In the world of malware, beaconing is the act of sending regular communications from an infected host to an attacker-controlled host to communicate that the infected host malware is alive and ready for instructions. It is often one of the first indications of a botnet malware infection, so it’s important to spot the beaconing behavior before the infected host can expose data or launch an attack.

The Role of AI and ML in Preventing Cybercrime

According to a seminal Clark School study, a hacker attacks a computer with internet access every 39 seconds. What’s more, almost a third of all Americans have been harmed by a hacker at one point or another, and more than two-thirds of companies have been victims of web-based attacks. A 2020 IBM study showed that the total cost of data breaches worldwide amounted to $3.9 million, which just may sound the death knell for many businesses affected by breaches.

Snyk's new vulnerability cards - fix issues fast with a new look and feel

One of our missions at Snyk is a simple one: help developers fix things easily. We further our mission by releasing features and improvements as quickly as possible, but it’s also just as important that developers have an experience which helps them gain as much value from Snyk as possible. This includes being able to quickly understand what needs to be fixed, and making that task incredibly easy.

Detecting MITRE ATT&CK: Privilege escalation with Falco

The privilege escalation category inside MITRE ATT&CK covers quite a few techniques an adversary can use to escalate privileges inside a system. Familiarizing yourself with these techniques will help secure your infrastructure. MITRE ATT&CK is a comprehensive knowledge base that analyzes all of the tactics, techniques, and procedures (TTPs) that advanced threat actors could possibly use in their attacks.

Red Team Assessments - The Fundamentals 1.1

We’re in an age where information is king, misinformation is rife and mass data breaches are commonplace in the mainstream media. Ensuring the security of your organisation’s data, infrastructure and people is paramount and choosing the right service to secure those things is just as important. At Pentest People, we are now delighted to offer our new Red Team Assessment service to our customers. But what is a Red Team Assessment and how does it differ from a Penetration Test?

Top Security Anti-Patterns in ASP.NET Core Applications

Microsoft's ASP.NET Core enables users to more easily configure and secure their applications, building on the lessons learned from the original ASP.NET. The framework encourages best practices to prevent SQL injection flaws and cross-site scripting (XSS) in Razor views by default, provides a robust authentication and authorization solution, a Data Protection API that offers simplicity of configuration, and sensible defaults for session management.