Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

The NIST cybersecurity framework (CSF) and what it can do for you

The NIST Cybersecurity Framework (CSF) has only been around for four years and while developed for critical infrastructure, resulting from Executive Order 13636, it has been widely adopted across both private and public sectors and organizational sizes. It is used inside of the US government, with 20 states using it (at last count).

Detecting the Kubernetes API Server DoS Vulnerability (CVE-2019-1002100)

Recently, a new Kubernetes related vulnerability was announced that affected the kube-apiserver. This was a denial of service vulnerability where authorized users with write permissions could overload the API server as it is handling requests. The issue is categorized as a medium severity (CVSS score of 6.5) and can be resolved by upgrading the kube-apiserver to v1.11.8, v1.12.6, or v1.13.4.

How Can You Protect Your Company From Hackers?

According to a Clark School Study at the University of Maryland, there is a cyber-attack every 39 seconds on average. If you are running a small business, you have more reason for concern as further studies reveal that 43 percent of hacker attacks target small businesses. With such alarming cybersecurity stats, it is vital for you to learn how you can protect your company from bad-actors.

EDR: The richest data in your SOC

Endpoint detection and response solutions – EDR as it’s more commonly known – act as enterprise surveillance and thus deliver a rich dataset to security professionals. But as with all advances in security, this rich data wasn’t always available in a speedy and cost-effective way. Yet, as a security professional in today’s always-on world, one of your key responsibilities is to efficiently leverage incoming data from every endpoint across your organization.

What is artificial intelligence?

Artificial intelligence (AI) is used all around us and if you’ve used some sort of voice activated technology to make your life easier, then there was likely some element of AI involved. Some of the most notable examples include Siri, Amazon Alexa, Google Assistant and Tesla semi-autonomous vehicles. Individual consumers no longer have to fumble around in the dark to flip the light switch at home, manually search playlists for songs, or type in a password to get into smartphones.

What is the Primary Objective of Data Security Controls?

Effective information security management requires understanding the primary concepts and principles including protection mechanisms, change control/management, and data classification. However, those terms may feel overwhelming at first leading many businesses to follow compliance requirements blindly without fully understanding whether they effectively secure their systems, networks, and software.

Like Football, Your Cybersecurity Defense Needs a Strong Offense

“The best defense is a good offense.” History credits Revolutionary War hero George Washington with being among the first to vocalize this concept, later famously echoed by heavyweight boxing champ Jack Dempsey and football god Vince Lombardi. And it’s easy to see what they mean.