Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I often see “EDR” used as a synonym for “industry-leading endpoint security solution.” There are times when this is accurate, but there are also times when I believe that this generalization stymies discourse around current capability gaps in the endpoint security ecosystem. In this blog post, I want to share my personal taxonomy for endpoint security products — albeit one that perhaps confusingly reuses existing terminology.

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their car engine is making is unimportant, only to later find themselves stuck on the side of the road with a dead motor will understand this statement. The same holds true when it comes to dealing with minor vulnerabilities in a web application. Several small issues that alone do not amount to much, can in fact prove dangerous, if not fatal, when strung together by a threat actor.

Co-authored by Carmine Clementelli and Jason Clark In recent times, the rise of artificial intelligence (AI) has revolutionized the way more and more corporate users interact with their daily work. Generative AI-based SaaS applications like ChatGPT have offered countless opportunities to organizations and their employees to improve business productivity, ease numerous tasks, enhance services, and assist in streamlining operations.

In this post we will explore Linux Crypto API for user applications and try to understand its pros and cons. The Linux Kernel Crypto API was introduced in October 2002. It was initially designed to satisfy internal needs, mostly for IPsec. However, in addition to the kernel itself, user space applications can benefit from it.

The world is increasingly embracing cloud technology. The fact that cloud requires minimal infrastructure and operational costs is attracting enterprises to shift to cloud. Remote and hybrid work modes following the pandemic has added to the continued rise of cloud.

A DNS server is an integral part of an AD environment. Simple yet crucial activities are accomplished using DNS servers, such as authenticating, searching for computers, and identifying domain controllers. But attackers know there are a lot of loopholes in DNS that they can exploit. And, they often already know about these vulnerabilities. In this blog, you will learn how attackers can abuse.

Kroll has won in four categories at the 2023 Cyber Defense Magazine Global InfoSec Awards which were announced at this year’s RSA Conference.

For years, efficient Case Management has been one of the single most challenging tasks for security operations professionals. It involves ensuring all threats are proactively identified and prioritized based on risk criticality, and then rapidly investigated and appropriately elevated across all organizational cybersecurity platforms and tools. Optimally, it sets up a near-bulletproof incident response posture that makes the most of an organization’s cybersecurity ecosystem.

Kroll Cyber Threat Intelligence analysts have identified a new strain of ransomware, named CACTUS, targeting large commercial entities since March 2023. The name “CACTUS” is derived from the filename provided within the ransom note, cAcTuS.readme.txt, and the self-declared name within the ransom note itself. Encrypted files are appended with.cts1, although Kroll notes the number at the end of the extension has been observed to vary across incidents and victims.

Cybersecurity is a critical concern for businesses of all sizes and industries. With the increasing sophistication of cyber threats, it's more important than ever to have a robust security strategy in place. However, many organizations lack the expertise or resources to manage their cybersecurity needs effectively. This is where professional services come in.