Windows File Access Monitoring
In this post, we will dive into how to configure file access auditing on a Windows file server and explore the challenges with interpreting critical access events.
BloodHound is a powerful tool that identifies vulnerabilities in Active Directory (AD). Cybercriminals abuse this tool to visualize chains of abusable Active Directory permissions that can enable them to gain elevated rights, including membership in the powerful Domain Admin group. This guide is designed to help penetration testers use BloodHound to identify these vulnerabilities first, so enterprises can thwart attacks.
This post explains how to collect detailed lists of your Active Directory service accounts so you can implement proper governance to reduce your attack surface area. Specifically, it details how to enumerate service accounts used by the following: This will enable you to identify a significant portion of your service accounts. However, note that service accounts can also be used in virtual directories, authentication settings, etc.
Today, organizations have a variety of options for storing the data they generate, collect and use. Options for data repositories include: Choosing the best option for a given business situation depends on a variety of factors, including the needs of your user base, the skills of your DBAs and other database resources, the reporting and analysis requirements for business decisions, and whether you are storing structured or unstructured data.
We're pretty fired up about what we've introduced to the product throughout November. We leaned into collaboration last month with an emphasis on the ability to work across teams effectively. If you haven’t already, see the month’s highlights.
An organization's database contains intellectual property, information on clients, product development, personal information on its workers, and in many cases, critical information on consumers. Therefore, it not only makes sense to fully understand how an attacker can threaten a database, but how to best defend against such an attack. So, what are those dangers? In no particular order, the most significant threats facing databases today are system, privilege, and credential threats.
This is the final post of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. When thinking of adjectives to describe cyberattackers, it’s doubtful that many people would choose to call them innovative – a term we’re more likely to ascribe to things we enjoy. But the reality is that adversaries are innovative, constantly finding new ways to launch attacks that result in greater rewards for less effort.
An incident response plan assigns responsibilities and lists procedures to follow if an event such as a breach were to occur. Having a plan in place to handle cybersecurity incidents can help your business identify when a cyberattack is taking place, clean up the mess that an attack leaves, and prevent an attack from happening again. Read on to learn why an incident response plan is needed, incidents that require response plans and more.
Productivity and collaboration tools are key components for any business today – we use mail, docs, spreadsheets, shared whiteboards and many other cool tools daily. In this post, we will talk about how Splunk helps teams work and collaborate securely while using Google Chrome and Google Workspace.