Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Expert Thoughts on How Infosec Pros Can Make the Most of Working From Home

We find ourselves in strange times. In response to the ongoing coronavirus epidemic, organizations have swiftly closed their offices and mandated that all employees begin working from home. This development has created security challenges with which many organizations are still grappling.

What is NIST Special Publication 800-37 Revision 2?

National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 revision 2 is a Risk Management Framework for Information Systems and Organizations: A System Lifecycle Approach for Security and Privacy. NIST SP 800-37 rev 2 was published in December of 2018 and describes the Risk Management Framework (RMF) and guidelines on how to apply RMF to information systems.

Breaking down the San Francisco airport hack

On April 7, 2020, the San Francisco International Airport (SFO) released a notice confirming that two of its websites, SFOConnect.com and SFOConstruction.com, were targets of a cyberattack in March 2020. The attack has been attributed to a hacker group that was attempting to steal the Windows logins of the airport’s employees. When we hear news about cyberattacks, a few typical, yet crucial questions spring to mind: How did the attackers perform the cyberattack?

Prevalent vs. Whistic Comparison

The news cycle is full of third-party data breaches and data leaks. And for a good reason, they often expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Cyber attacks and misconfiguration are more common than ever before. Organizations need to invest in tools to prevent data breaches and reduce cybersecurity risk: particularly risks that involve third and fourth-parties.

Prevalent vs. UpGuard Comparison

Cyber attacks, misconfiguration, and data leaks are more common than ever before. Our news cycle is full of first and third-party data breaches that expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Not only are data breaches more common, but they're also more costly. The average cost of a data breach is now nearly $4 million globally.

Surviving the Paperwork: Why Seamless Submissions and Good Compliance Envelopes Matter

Are you finding it increasingly challenging to manage your organization’s regulatory submission process? The entire process of developing a drug from preclinical research to marketing takes approximately 12 to 18 years and can cost billions of dollars before a drug is even approved.

MITRE ATT&CK® round 2 APT emulation validates Elastic's ability to eliminate blind spots

Six months ago we celebrated the joining of forces between Endgame and Elastic under the banner of Elastic Security and announced the elimination of per endpoint pricing. Simultaneously, while the newest members of Elastic Security were getting acquainted with the Elastic SIEM team, a few of our analysts were locked away in an office at MITRE HQ for round 2 of MITRE’s APT emulation.