Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

FCPA compliance checklist

An FCPA compliance program checklist outlines the things an American company needs to check when it wants to do business in a foreign country to ensure it follows the guidelines of the U.S Foreign Corrupt Practices Act (FCPA) of 1977. The FCPA is a federal law that aims to prevent all U.S. companies and their officers, directors, employees, and agents from making corrupt payments to foreign government officials to retain or obtain business.

Stories from the SOC - Web Server Attack

During the Investigation of a Web Server Attack alarm for a large multinational enterprise Customer, we conducted an Investigation that inevitably led to the customer isolating the system entirely. The sophistication of the Correlation Rules developed by the AT&T Alien Labs™ team recognized patterns that indicated an attack on the web server.

Cyber-hygiene 101 during remote working: Protecting your digital identities with multi-factor authentication

When organizations shift to a work-from-home environment, identity and access management (IAM) takes center stage. Organizations with remote workforces must fortify their IAM policies and tools for a better user experience to ensure productivity, while also handling all the security challenges remote work presents to ensure data and system security. One of the biggest risks an organization faces when its workforce goes remote is unnecessary and unauthorized access to organizational data.

RiskIQ vs. UpGuard Comparison

Cyber attacks, misconfiguration, and data leaks are more common than ever before, as are cybercriminals. Our news cycle is full of first and third-party data breaches that expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Not only are data breaches more common, but they're also more costly. The average cost of a data breach is now nearly $4 million globally.

COVID-19 Scam Roundup - April 27, 2020

The coronavirus 2019 (COVID-19) scam onslaught continues. Per Threatpost, digital attackers ramped up their activity over Q1 2020 to the extent that they were sending approximately 1.5 million coronavirus-themed attack emails by the middle of April. How can we then be surprised by ZDNet’s reporting that the number of digital crime reports received by the FBI had quadrupled in number, with many of these disclosed attacks featuring COVID-19 as a theme?

What is the Cyber Essentials Certification and How Can it Help Your Business?

According to a statistical research of the University of Portsmouth for the government of the UK, more than 80% of the cyber-attacks affecting businesses in the UK could have been prevented by the implementation of some basic security controls. To help organizations adopt good practices in information security, the UK government released a government-endorsed certification scheme called Cyber Essentials in 2014.

3 Ways an Open CDE Has Radically Improved Productivity for Innovative Construction Companies

In our previous blog, we took a detailed look at how a Common Data Environment (CDE) can provide construction teams with operational advantages that enable them to work more efficiently, save time, and reduce errors. A CDE provides a central repository for all aspects of construction content management, including storing and accessing design files, bid documents, specifications, images, videos, change orders, and markups – everything that makes up the content that defines a construction project.

5 Important Points of SIEM Evaluation Checklist

Over the past couple of years, the Security Information and Event Management (SIEM) solution has been recognized as an effective tool in the Security Operation Center (SOC) of organizations. Whether it comes to managing the multiple tools or meeting the compliance standards, SIEM has always been playing its crucial role. However, since there is a multitude of SIEM solutions available in the IT market today, selecting the right one is an extremely important but difficult task for enterprises.

Protecting Your Assets: It's Not Just About Servers and Laptops!

In most of our blogs, we spend a TON of time going on about protecting our endpoints, looking at sysmon, checking the firewall, correlating IDS data and the like… Today, we're going to shift gears a bit and look at security from a different angle. Recently, there has been a tremendous focus on the shifting paradigm of a workforce that primarily resides in corporate offices, to a highly virtual workforce sitting at their kitchen tables.