Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Top 7 Office 365 Security Best Practices (includes Actionable Tips)

Follow our best-practice recommendations for Office 365 security. These security recommendations would help you avoid common configuration errors and improve security posture to protect Office 365 against cyber attacks. Microsoft Exchange online is one of the many products in O365 offering. It is a cloud-based messaging solution consisting of an Exchange server.

Webinar | Teleport v4.4 | Release Demo |

Join Director of Product Ben Arent and CEO Ev Kontsevoy to learn about Teleport’s newest iteration! Teleport 4.4 enables greater visibility into access and behavior by adding Concurrent Session Control features to limit the number of concurrent sessions. Additionally, it can now restrict session sharing and handle idle sessions automatically, making it possible for the user to meet stronger compliance requirements. Ben and Ev will detail these new features, give a demo to show what they will look like in action, and answer all your burning questions.

New PCI Regulations Indicate the Need for AppSec Throughout the SDLC

The PCI Security Standards Council (SSC) is a global organization that aims to protect payment transactions and consumer data by developing standards and services for payment software vendors that drive education, awareness, and implementation. Since payment software is constantly changing, the SSC is constantly evolving and adapting its standards to ensure that vulnerabilities and cyberattacks are minimized.

N-Day Vulnerabilities: How They Threaten Your ICS Systems' Security

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security sectors. These individuals were successful in their efforts because they employed a variety of attack vectors.

New survey shows integrating application security testing gaining traction in DevOps

DevOps can break traditional application security testing processes & tools. Learn why an integrated DevSecOps approach is critical to building better code. Working in cyber security can be discouraging. Every day brings another unprotected database, another ransomware victim, a new type of fraud, or another serious vulnerability. The perfect antidote is working toward building better software, and to that end I want to tell you about a little thing called DevSecOps.

Ordell Robbie, Tripwire and Security Configuration Management.

Is this Jackie Brown or is it Tripwire? The reality is, it’s both. This is a powerful scene in Jackie Brown because it illustrates what Tripwire is all about in making sure that a golden image can be maintained via secure configuration management. But how would you know if it was changed?

SIEM Tutorial: What should a good SIEM Provider do for you?

Modern day Security Information and Event Management (SIEM) tooling enterprise security technology combine systems together for a comprehensive view of IT security. This can be tricky, so we’ve put together a simple SIEM tutorial to help you understand what a great SIEM provider will do for you. A SIEM’s responsibility is to collect, store, analyze, investigate and report on log and other data for incident response, forensics and regulatory compliance purposes.

Detecting Ryuk Using Splunk Attack Range

Cybersecurity Infrastructure Security Agency (CISA) released Alert (AA20-302A) on October 28th called “Ransomware Activity Targeting the Healthcare and Public Health Sector.” This alert details TTPs associated with ongoing and possible imminent attacks against the Healthcare sector, and is a joint advisory in coordination with other U.S. Government agencies.

Ryuk and Splunk Detections

Several weeks ago, my good friend Katie Nickels (Director of Intelligence at Red Canary extraordinaire) and I were chatting about Ransomware. She was super interested and passionate about some new uses of a ransomware variant named “Ryuk” (first detected in 2018 and named after a manga/anime character) [1]. I was, to be honest, much less interested. It turns out, as usual, Katie was right; this was a big deal (although as you will see, I’m right too… still dull stuff!).

What is Smishing? SMS phishing explained

SMS phishing, or “Smishing,” is a mobile phishing attack that targets victims via the SMS messaging channel rather than through email. A natural evolution of the phishing phenomenon, smishing attacks attempt to dupe mobile users with phony text messages containing links to legitimate looking, but fraudulent, sites. These smishing sites try to steal credentials, propagate mobile malware, or perpetrate fraud.