Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Work from home cybersecurity explained: should your business have a WFH policy?

Global organizations are sharpening their strategies that enable their employees to work from virtually any location at any time. But working in different types of remote settings brings with it the potential for significant cybersecurity threats that must be anticipated, defended against, and quickly remediated. Working outside the traditional office setting has accelerated during the past decade.

Our Favorite Web Vulnerability Scanners

Web vulnerability scanners crawl through the pages of web applications to detect security vulnerabilities, malware, and logical flaws. They do this by generating malicious inputs and evaluating an application’s responses. Often referred to as dynamic application security testing (DAST), web vulnerability scanners are a type of black-box testing; they perform functional testing only and don't scan an application’s source code.

The Impact of Lockdown Remote Working-A Conversation with the Law Firm Herbert Smith Freehills

Recently I participated in a webinar with Toks Oladuti (Netskope customer, and senior IT security manager at the international law firm Herbert Smith Freehills), and my colleague Neil Thacker (Netskope’s CISO EMEA). The conversation was hosted by Janet Day, a long-time technology consultant to the legal industry. During the webinar, we touched on a lot of topics and I was particularly interested to hear Toks’ stories of HSF’s journey to the cloud.

How I Found Myself in a Command Line vs. GUI Meeting

“Ev, do you have time later today to discuss the new web GUI for the command line terminal?” said the Slack message. It came from Alex, our user experience chief and the product in question is the SSH client. Part of me was worried. The command line environment had a sanctuary where I found peace and happiness away from the world of browser-based tools.

Drovorub "Taking systems to the wood chipper" - What you need to know

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware. The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military hackers.

Security operations: Cloud monitoring and detection with Elastic Security

As many organizations have migrated their infrastructure, applications, and data to cloud offerings, adversaries have extended their operational capabilities in cloud environments to achieve their mission — whether that means stealing intellectual property, disrupting business operations, or holding an organization’s data for ransom.

Introduction to Windows tokens for security practitioners

This blog series is aimed at giving defense practitioners a thorough understanding of Windows access tokens for the purposes of detection engineering. Here in Part 1, we'll cover key concepts in Windows Security. The desired outcome is to help defenders understand how access tokens work in Windows environments.

Introducing a New Splunk Add-On for OT Security

The lines Between IT and OT are blurring. With IT and Operational Technology (OT) systems converging, ensuring the security of devices, applications, physical locations and networks has never been more difficult or more important. There is a growing recognition by security professionals that they have a readiness and visibility problem in plain sight.

How to check the effectiveness of phishing

You can install the latest generation of security software to protect against evil hackers, but what is the use of it if your employees continue to follow phishing links? Several security companies conduct social and technical research of real-life phishing attacks aimed at different businesses and are impressed with the scale of the problem.