Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Make DevSecOps So: Cloud Enterprise+ on AWS Marketplace

JFrog is pleased to announce that our comprehensive Cloud Enterprise+ plan is now available on Amazon Web Services (AWS) Marketplace through Private Offers. JFrog Cloud Enterprise+ on AWS is a universal, highly-available SaaS offering of the JFrog Platform for demanding DevSecOps at global scale.

Securing Azure Active Directory from PowerShell abuse

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.

Stories from the SOC- SSH Brute Force Authentication Attempt

Ervin McBride IV – TDP Engineer II contributed to this article. Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.

The Email Laundry End of Life?...

June 1st 2020: Fireeye end of life The Email Laundry email security service. This comes as a surprise to many as Fireeye acquired The Email Laundry back in 2017 and seemingly had plans to greatly expand the service. The Email Laundry serviced MSPs and small organizations whereas Fireeye had a conserted desire and history servicing Enteprise businesses. This may be why Fireeye decided to exit the SME Email Security service market.

Profiling "VIP Accounts" Part 2

In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.

VPNs and Zero Trust: Thoughts on the Evolving Nature of Remote Access

Organizations of all sizes are currently under siege by adversaries with unlimited time and enough technical skill to exploit the cracks in our information systems and networks. All organizations have something to protect, whether large or small, and they are always looking for new technology to help against these adversaries. Zero Trust has become the latest framework to solve all of our security woes.

What Is the Cyber Kill Chain and How to Use It Effectively

You're probably familiar with the defense-in-depth or castle and moat approach to cybersecurity. It remains a common model that organizations use to think through their information security. However, as organizations have matured they have sought out new models to enable them to better understand how cyber attackers operate and how best to defend against them.