Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most posts about types of endpoint security mention antivirus software, firewalls, or maybe EDR/XDR. And while those security technologies are important, they’re not enough. Cyberattacks have evolved. Today’s cyber threats target laptops, smartphones, and even IoT devices. Ransomware moves laterally. Zero-day exploits bypass signature-based defenses. Phishing attacks hit the end-user, not just the firewall.

ABAC is an access control paradigm where access rights are granted through the use of attributes associated with: Access decisions are made using policy rules that evaluate these attributes. For example, a doctor can access patient records only if they are on duty and the patient is in their department.

Endpoint security compliance isn’t just about meeting regulatory requirements—it’s about building a robust security architecture that protects your organization from advanced threats. As more businesses adopt modern management frameworks for Windows devices, ensuring compliance while enhancing security is a critical challenge.

On April 15th of 2024, ISC² implemented a refreshed set of objectives for the CISSP exam. The goal of refreshing the exam objectives is to keep the exam relevant to the latest happenings in security. As things progress and new technologies are introduced, the objectives are updated to account for them as well as for the latest standards and processes. In this blog, we’ll look at the changes and explore some of the key things to be aware of as you prepare for the refreshed exam in 2025.

Cloud security monitoring refers to the ongoing surveillance, observation, analysis of cloud-based infrastructure and services to detect security threats, patch vulnerabilities, and address compliance gaps. As cloud environments expand, organizations need effective cloud-based security monitoring tools to ensure those resources remain secured.

People come and go within your organization, and those who remain move throughout the organization through promotions and transfers. However, the fundamental organizational structure remains relatively stable: Customer support agent, sales rep, HR manager, and software developer represent enduring functional roles, even as individual employees cycle through these positions.

Personally identifiable information (PII) is any data that can be used on its own or in combination with other information to identify, contact, or locate an individual. Examples of PII include full name, Social Security number, passport number, driver’s license number,r and biometric data.

Identity threat detection and response (ITDR) is a cybersecurity discipline focused on detecting, investigating, and responding to threats targeting identity systems like Active Directory (AD) and Entra ID, identity providers (IdPs), and authentication mechanisms. It enhances traditional identity and access management (IAM) by introducing threat intelligence, behavioral analysis, and automated response capabilities to mitigate identity-based attacks.

Most IT and security teams think they already have endpoint policy management in place. They’re using Microsoft Intune. Maybe Defender. Maybe a mix of Mobile Device Management, AV, and EDR. But here’s the catch: delivering policies isn’t the same as enforcing them.

What is an SPN? Even a Windows Admin with some experience with Active Directory may be unaware of the role that Service Principal Names have in domain environments. A security principal name (SPN) is a unique identifier that links a specific service instance to the account running it, enabling clients to authenticate and connect to the right service within Active Directory (AD).