Blog

How to get compliance audit training in the new virtual workplace

As many businesses have begun to work almost entirely remotely until an as-yet-to-be-determined date, they have had to plan for activities that took place largely in person in the past. For example, many compliance audits have gone virtual in these times of uncertainty. This shift has forced organizations to adjust how they prepare and plan. But even in these times of uncertainty, it is your organization’s responsibility to stay sharp and on track with security knowledge, planning, and response.

Stories from the SOC - detecting network anomalies with OTX

This Investigation was initiated on the basis of several Network Anomaly alarms triggered by ongoing suspicious activity on an employee device owned by a financial institution. During the discovery phase of the Investigation, we identified abnormal egress traffic to a known Indicator of Compromise (IOC) based on intelligence from the Open Threat Exchange™ (OTX®).

How ExpertOps Can Help You Address the Infosec Skills Gap

Are you struggling to hire skilled digital security talent in 2020? If so, you’re not alone. According to a Tripwire study on the infosec skills gap, 82% of security experts said that their teams were understaffed; nearly the same proportion (83%) indicated that they were feeling more overworked going into 2020 than they were a year prior.

Managing Microsoft Teams Using PowerShell

Microsoft Teams can be managed through its Admin Center, using PowerShell, or via the Graph API. In this article, you will learn the most common cmdlets to manage Microsoft Teams communication and collaboration for your organization. Before you start, check which Microsoft Teams administrator role you have, because access to different cmdlets depends on the role you are assigned in Azure Active Directory (Azure AD).

6 Ways Ransomware Attackers Steal Your Data, And How IT Admins Can Stop Them

As companies invest in stronger firewalls and better IT infrastructure, brute force attacks have become harder to pull off. That’s the good news. The bad news is that hackers, in turn, have found new ways of wreaking havoc. The increasing use of ransomware as a weapon is a prime example of this. Through phishing or stolen passwords, a ransomware attack can sabotage a company’s most valuable asset, its content, without being detected.

Three New Ways Tripwire Enterprise Can Help Monitor Ephemeral Assets in Dynamic Cloud Environments

Moving applications and infrastructure to the cloud offers a degree of flexibility and scalability that can be a boon to almost any organization. Having continuous software and asset availability in cloud environments with elastic, as-needed infrastructure is extremely valuable. Sharing security responsibilities with a cloud service provider can even unburden security and IT teams to a degree.

Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets

In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of a draft practice guide entitled, “NIST Special Publication (SP) 1800-23: Energy Sector Asset Management.” The NCCoE spent the next two months collecting comments from the public to improve their guide. They then used this feedback to improve upon their initial draft. But the wait is finally over.

Curtail security exploits in applications and fortify your remote endpoints

The trend of working from home has hit the ground running, and businesses have turned to strategies and tools that will ensure a no-plummet productive environment. There are two major forks in the road when it comes to provisioning remote endpoints—users can use their own devices, or the company can hand over corporate-owned devices.