Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

What happened when we hacked an expo?

Last year we exhibited at a major information security trade show in London, during the preparation for this we received our exhibitor passes as “print yourself” PDF files. We immediately noticed that there are two forms of barcode here and, interestingly, the QR Code seems quite dense given that all it should be storing is a delegate ID number. Being the inquisitive sort of people that we are, we started up a QR scanner and had a look at its contents.

7 Questions for Evaluating your Security Posture against Insider Threats

Insider threats top the list of the most dangerous cyber risks for organizations worldwide. It doesn’t take much effort for insiders to steal your sensitive data, while such activities are hard to discover and impossible to prevent. Unfortunately, lack of visibility into user behavior is one of the key reasons why companies suffer from data breaches that involve either human negligence or malicious intent.

Securing Data Storage With UpGuard

Despite spending billions on cybersecurity solutions, private industry, government and enterprises alike are faced with the continued challenge of preventing data breaches. The reason cybersecurity solutions have not mitigated this problem is that the overwhelming majority of data exposure incidents are due to misconfigurations, typically by way of third-party vendors, not cutting-edge cyber attacks.

How long is your dwell time?

If many of the recent threat reports are to be believed, we can assume that, on the whole, businesses are not improving when it comes to detecting a network breach. In those isolated cases where improvement can be seen, the improvement is small. The Mandiant M-Trends 2018 report states that the median global dwell time sat at 101 days (in 2017). I can believe that.

Considering Architecture When Building a SOC

SOC architecture is a vital component to consider when building an effective and reliable SOC. It includes the consideration of SOC locations and centralization, SOC architecture and organizational size, SOC staffing, and SOC mixing up with a cloud. The subsequent sections delve into these essential points in great details.

Making Continuous HIPAA Compliance Easy with ExpertOps

Healthcare organizations continue to face relentless cyberattacks owing to the immense value placed on patient health information on the dark web. Patient records have almost everything the attacker needs to carry out sophisticated insurance fraud schemes, purchase medical supplies or drugs, or commit other types of fraud including outright identity theft.

Securing the Build Environment: A 'Critical' Component of Container Security

As I noted in a previous article, the build environment is a key area on which organizations should focus their container security efforts. Companies don’t usually think of the build environment when it comes to securing their containers. But it’s critical that they do.