Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Where are all the cyber security pros?

Despite living in a world where the internet is becoming ever-more fundamental to everyday life, there is currently a world-wide shortage of cyber security professionals who are able to keep it all secure. Within four years this shortage is expected to reach 1.8 million. According to a recent study, only 35% of the enterprises involved felt they were adequately staffed to deal with cyber-attacks. 35% is not a good percentage.

In-house v. Cloud-based Log Management

Data generated by various devices connected in a network and operations being carried out on them is called as log data and we have already discussed why log management is important, considering the exponentially increasing number of attacks and their sophistication. Further, in the last blog post, we dealt with questions that you must your cloud-based log management service provider.

How Can Logs Be Useful?

From performance information to fault and intrusion detection, logs can provide you a lot more things with regard to what is happening on your systems and network along with the timestamps and order of the events. Logs can be invaluable for resource management, instruction detection, and troubleshooting. More importantly, logs can provide an admissible evidence for forensic purposes in the aftermath of an incident. The following sections provide a deep dive into some use-cases of logs.

Data Security Requirements for Federal Contractors

Federal contractors are private entities that fulfill governmental needs. As such, they are trusted with sensitive, private federal information which makes them obvious targets for cyber attacks. The government has recently ramped up data security requirements for federal contractors, demanding more software, hardware and accountability from them.

Bypassing and exploiting Bucket Upload Policies and Signed URLs

TL;DR Bucket upload policies are a convenient way to upload data to a bucket directly from the client. Going through the rules in upload policies and the logic related to some file-access scenarios we show how full bucket object listings were exposed with the ability to also modify or delete existing files in the bucket.

ITIL, the Change Management Process and Tripwire Enterprise

When I speak with clients about their approach to managing their IT services, many organisations mention ITIL practices as a cornerstone to their approach. This is hardly surprising since the ITIL framework describes a sensible methodology for IT management, looking at the use of technology through the lens of what the business needs.

AlienVault Expands USM Anywhere to Include Endpoint Detection and Response Capabilities

SAN MATEO, Calif. – July 31, 2018 – AlienVault®, the leading provider of Unified Security Management® (USM) and crowdsourced threat intelligence, today announced the general availability of Endpoint Detection and Response (EDR) capabilities in USM Anywhere™. Visit AlienVault’s Black Hat booth #528 from August 7-9 to see a demonstration of endpoint security capabilities in USM Anywhere.

EventSentry v3.5 Released: Windows Process Monitoring to the Max, Registry Tracking, Tags & More

EventSentry v3.5 continues to increase visibility into networks with additional vantage points, making it easier for EventSentry users to reduce their attack surface as well as discover anomalies.

False Positive or the Real Deal?

An ominous flashing red light on a blacked-out computer screen means the promise of a threat. It was 21:26 on a Sunday night and an Intrusion Prevention System (IPS) alert shot across one of our screens. A security analyst usually has just minutes to respond, carry out an investigation on behalf of the organisation under threat and make a critical decision.