Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

A Quick Guide to Preventing, Detecting & Responding to Insider Threats

One day, a contractor working for an internet service provider decided to sabotage the company by disabling internet connectivity for all customers. Unfortunately, the employee's attack was successful, and the disruption lasted three weeks. This attack cost the company tens of thousands in remediation costs and left many customers struggling to navigate a world without the internet.

Who's phishing in your cloud? And, some suggestions for detecting it

A comprehensive, six-month study released by Proofpoint, in March reports that (oh, to our surprise), attackers are “leveraging legacy protocols and credential dumps to increase the speed and effectiveness of brute force account compromises at scale.” Yikes!! At SCALE! Threat actors design threats aiming at platforms or services which will provide the greatest ROI for them.

Inside the Government Cybersecurity Landscape: Federal vs. State Level Challenges

Few would dispute the idea that an effective cybersecurity profile requires candid assessments of potential vulnerabilities. Here’s a closer look at the challenges facing the federal cybersecurity mission and the efforts of state-level agencies.

Mitigating Risks in Cloud Migration

Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move. It permits companies to scale processing resources up and down in response to changing demands, giving companies the operational equivalent of unlimited resources while paying only for the resources that are actually used.

How to Use Data to Identify Trends, Attack Profiles, And Possible Threats?

Data is a raw material, which is often unstructured, extracted in massive quantity, and requires processing before calling it an information and actionable intelligence. A good example is the Indicators of Compromise (IoCs). A big list of domain names or IP addresses can be ingested into the SIEM system to identify whether this list contains any malicious IP or not.

How to create a security culture in your company in 2019

Cybersecurity isn’t just about the computer hardware, software, and networking technicalities that it pertains to. It is also about how human beings behave with computer technology–and what sort of cyber risks that behavior can create. Culture influences behavior, and the security culture of your company can have an immense effect on your cybersecurity. I’ll explain why.

Enterprise log management is here to stay: Part 1

Logs began with UNIX in the 1960s, partly to preserve the culture of close communication in programming. Luckily, that culture has held fast as programming and technology have taken many different shapes and evolutions over the years, and today, the idea behind logs is still to maintain data for correlation and analysis to meet enterprise security and compliance needs.

Basics Of IT Security

With the rise of technologies such as Internet of Things and cloud storage solutions, data concerning almost every aspect of our lives are highly connected, making us and our businesses vulnerable to cyber-attacks. Since we are way past the point of turning our back to new technologies, we need to learn how to protect our data while keeping up with the recent developments.

Five Concerning Breaches That Started With an Insider Threat

Human beings have been dubbed as one of the most significant risks when it comes to cyber security in organizations. Behind every breach is a human or entity orchestrating an attack to make it happen. Within the affected organization, there is usually a human action that leads to the success of the attack.