Third-party risk management (TPRM) is the process of analyzing and minimizing risks associated with outsourcing to third-party vendors or service providers. This is commonly known as third-party risk or vendor risk and can include financial, environmental, reputational, and security risks due to a vendor's access to intellectual property, sensitive data, personally identifiable information (PII), and protected health information (PHI).

Threat hunting is one of the most critical activities performed by SOC teams. Once an alert triggers and a tier-1 analyst assesses it and sends it up the line for further evaluation by a more senior analyst, the race is on. Hunting down the threat as quickly as possible, before it can wreak havoc on the organization, becomes the top priority.

This Investigation was initiated on the basis of several Network Anomaly alarms triggered by ongoing suspicious activity on an employee device owned by a financial institution. During the discovery phase of the Investigation, we identified abnormal egress traffic to a known Indicator of Compromise (IOC) based on intelligence from the Open Threat Exchange™ (OTX®).

Microsoft Teams can be managed through its Admin Center, using PowerShell or via the Graphs API. In this article, you will learn the most common cmdlets to manage Microsoft Teams communication and collaboration for your organization. Before you start, check which Microsoft Teams administrator role you have, because access to different cmdlets depends on the role you are assigned in Azure Active Directory (Azure AD).

Internet Key Exchange (also known as IKE, IKEv1 or IKEv2) is a protocol that is used to generate a security association within the Internet Protocol Security protocol suite. In this article, we will discuss Internet Key Exchange in detail and explain why it is important for network security.

Are you struggling to hire skilled digital security talent in 2020? If so, you’re not alone. According to a Tripwire study on the infosec skills gap, 82% of security experts said that their teams were understaffed; nearly the same proportion (83%) indicated that they were feeling more overworked going into 2020 than they were a year prior.

As companies invest in stronger firewalls and better IT infrastructure, brute force attacks have become harder to pull off. That’s the good news. The bad news is that hackers, in turn, have found new ways of wreaking havoc. The increasing use of ransomware as a weapon is a prime example of this. Through phishing or stolen passwords, a ransomware attack can sabotage a company’s most valuable asset, it’s content, without being detected.

Moving applications and infrastructure to the cloud offers a degree of flexibility and scalability that can be a boon to almost any organization. Having continuous software and asset availability in cloud environments with elastic, as-needed infrastructure is extremely valuable. Sharing security responsibilities with a cloud service provider can even unburden security and IT teams to a degree.

In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of a draft practice guide entitled, “NIST Special Publication (SP) 1800-23: Energy Sector Asset Management.” The NCCoE spent the next two months collecting comments from the public to improve their guide. They then used this feedback to improve upon their initial draft. But the wait is finally over.

Creating security policies for the devices connected to your network is critical to ensuring that company data is safe. This is especially true as companies adopt a bring-your-own-device model and allow more personal phones, tablets, and laptops to connect to internal services. These devices, or endpoints, introduce unique vulnerabilities that can expose sensitive data if they are not monitored.