Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

How does Red Teaming differ from a Penetration Test?

JUMPSEC Jargon Buster - Nikoo explains how Red Teaming differs from a Penetration Test. There are a number of ways that a red teaming exercise differentiate from a pen test. Firstly, the scope of standard penetration test is usually clearly defined with the goal to identify as many vulnerabilities as possible and attempt to exploit them on the stated targets during the engagement.

How to identify phishing emails and what to do

Phishing scams remain one of the most widespread cybercrimes. A phishing scam can be as simple as getting someone to click on a link, attachment, or a picture of cute kittens. I recently received a spam email with the message: “Old friends post embarrassing pictures of Jason Nelson online; click here to see.” Seeing my name in the body or subject line of an email is alarming. That is why scammers word these emails this way.

What are the CIS Controls for Effective Cyber Defense?

The CIS Critical Security Controls are a prioritized set of actions for cybersecurity that form a defense-in-depth set of specific and actionable best practices to mitigate the most common cyber attacks. A principle benefit of the CIS Controls are that they prioritize and focus on a small number of actions that greatly reduce cybersecurity risk.

RDS: Do Not Allow COM Port Redirection- The Policy Expert

Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.

Developing a Data Protection Compliance Program - Verizon's 9-5-4 Model

In a previous post, I wrote about my key take-aways from Verizon’s 2019 Payment Security Report. While it’s no surprise it was full of interesting and useful data, (Verizon’s yearly Data Breach Investigation Report (DBIR) has become required reading.) I was delighted to find an excellent guide on the the 9-5-4 model, a means by which an organization can measure and improve its data protection program. It also details ways in which a company can measure the maturity of the program.

Embracing offensive tooling: Building detections against Koadic using EQL

This year at BSidesDFW, my local security conference, I highlighted a continuing trend of adversaries using open source offensive tools. The talk reviewed one of these post-exploitation frameworks named Koadic and walked through different ways defenders can build behavioral detections through the use of Event Query Language (EQL).

The Migration Path to Microservices & Security Considerations, Of Course

While the move to microservices-based architecture is relatively new, it is already mainstream. A majority of companies are choosing it as their default architecture for new development,and you are not cool if you are not using microservices. With regards to migrating legacy apps and breaking them down to microservices, companies are showing more conservatism, and rightly so.