Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Publications

MDR or MSSP? A Comparison Guide

In today's hyper-connected world, cyberattack risks have never been more pronounced. Threat actors continue to develop malicious, ingenious tricks and techniques to stay one step ahead of security systems and response specialists. As a result, a more focused and proactive approach to detecting, investigating, and responding to threats is required. In this guide, we break down the comparison between Managed Detection and Response (MDR) and Managed Security Services (MSS) and how to determine what to look for in providers.

Digital-First SecOps: A CISO Perspective

Businesses of all types, and across all verticals, have gone digital-first. This shift enables many benefits, such as greater scalability and speed. But it also amplifies the security and compliance challenges that arise from digital systems. For CISOs, this shift amplifies the need to apply the same level of automation, speed, and business-wide accessibility for security that digitization has brought to other aspects of the business. In short, modern businesses need to adopt a digital-first approach to SecOps itself.

Dynamic Network Segmentation: A Must Have in the Age of Zero Trust

The IT landscape is rapidly evolving to meet the demands of our digitally transforming world and a radically changed business environment that calls for always-on performance and agility at scale. As a result, client-server computing has given way to disruptive IT architectures that reshape business and ownership models. These include private and public cloud services, 'bring your own device' (BYOD), mobility and the Internet of Things (IoT).

The NERC CIP standards are a set of mandatory requirements for North America's bulk electric system.

They are designed to secure the assets of these essential services. There are 11 standards in total, covering everything from the protection of critical cyber assets to security management, personnel & training, incident reporting, and recovery planning. In this free eBook we explore how the continuous network monitoring capabilities of eyeInspect can streamline your compliance with these NERC CIP standards, saving you considerable time and money.

How to Find and Eliminate Blind Spots in the Cloud

Visibility in the cloud is an important but difficult problem to tackle. It differs among cloud providers, and each one has its own positive and negative aspects. This guide covers some of the logging and visibility options that Amazon Web Services (AWS) and Google Cloud Platform (GCP) offer, and highlights their blind spots and how to eliminate them.

Reduce Active Directory Security Risks

Since a majority of the breaches are credential based, securing your multi-directory identity store - Microsoft Active Directory (AD) and Azure AD - is critical to protecting your organization from adversaries launching ransomware and supply chain attacks. Your security and IAM teams are concerned about securing AD and maintaining AD hygiene - and they need to be in sync, for example, to ensure that legacy and deprecated protocols like NTLMv1 are not being used and that the right security controls are in place to prevent breaches in real time.

10 Principles of Database Security Program Design

Relational databases and big data stores are a prime target for attackers due to the amount of sensitive information residing within, such as customer information, intellectual property and proprietary secrets. For more than 20 years, the database security experts at Trustwave have helped organizations design, implement and maintain database security programs to meet their specific business, security and compliance objectives.