There are two kinds of CISOs: pre-breach and post-breach. Pre-breach CISOs are overly focused on tools and thinking about investing in prevention technologies. They do this almost to the exclusion of thinking about recovery and timely restoration of services once something bad actually occurs. And something bad will happen; it’s not a matter of if, but when (and how often, I might add, so “breach cadence” seems a more suitable KPI than breach likelihood).
Definition: Automated onboarding is a process designed and scripted before user onboarding. It is an entire user or customer onboarding process that doesn’t require real-time human interaction and is frequently supported by in-app messages and instructions that are specifically created to ensure a positive onboarding experience and, therefore, customer satisfaction.
Can OpenAI ChatGPT become a contributor for an open source project like Falco? Is this the end of GitHub Copilot? ChatGPT is SO trendy that I overheard my grandma talking about it to her friends the other day. We’re seeing more and more uses of this AI for real world applications. That made us think… Falco, the first runtime security project to join CNCF as an incubation-level project, needs contributors.
February 24, 2023 marks one year since Russia invaded Ukraine, starting a conflict that has killed more than 8,000, injured more than 13,300, and displaced more than 14 million people in the past year, according to the UN. Physical warfare between Ukraine and Russia has been accompanied by cyberwarfare between the two countries. This blog post focuses on cyberwar, particularly what we can learn from the past year.
This new feature automates assigning severity levels to each incident, allowing security teams to quickly identify the most critical ones and prioritize their response accordingly.
Whether you realize it or not, service accounts represent a major risk to your data security. This article explains the fundamentals of service accounts and how attackers can exploit them so you can prevent yours from being compromised.
Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command. An adversary can use this command to register a malicious Security Support Provider (SSP) on a Windows member server or domain controller (DC) — and that SSP will log all passwords in clear text for any users who log on locally to that system.
One year ago today, Russia launched a massive combined arms ground, air, and sea assault against Ukraine, including a large cyber component designed to sow confusion among Ukrainian authorities. At the first anniversary, the initial takeaway is the role played by cyber has not been as prominent as predicted for what has turned into the largest European land war since 1945. Russia and Ukraine are still actively using their cyber troops to conduct a variety of attacks against their foe.
