Blog

From Good to Great - Building on ICS Security Basics

Most industrial organizations are behind the curve when it comes to cybersecurity, facing mounting complexities like the IIoT, the skills gap and the IT/OT divide. But what about industrial organizations that are already taking steps in the right direction and need to know what awaits them on the horizon? What practical next steps can your organization take to optimize your current ICS cybersecurity program?

Malware in the Cloud: Protecting Yourself Based on Your Cloud Environment

In some ways, the cloud has made security management easier, as many cloud providers have taken the responsibilities traditionally associated with local server management out of your hands. But in other ways, the security management conversation has become more confusing for decision makers, as “cloud” is a very broadly defined term and could speak to a variety of different technology ecosystems with their own security considerations.

Mac system extensions for threat detection: Part 1

When it comes to having visibility and detecting threats on macOS, one of the best sources of information for file system events, process events, and network events is the kernel. macOS kernel extensions provide the ability to receive data about these events in real time and in great detail. This is useful for quickly spotting anomalies and identifying possible threats.

The Circuit Breaker Pattern

How does your application handle failure? Your first level of response might focus on logging and displaying errors, but that merely captures the problem rather than resolving it. What happens if a vital service is offline or under heavy load? What about simply not performing at the standards you might expect? As your application relies more on services that you don't control, like third-party APIs, the need to handle these variables when they arise becomes more important.

Don't give away your secret answers

I was watching an interview with an American Congressional member the other night, and I could not help but notice the person’s lack of cybersecurity awareness. As a disclaimer, please note that this is not a piece promoting or denouncing any political party or view. I do not discuss politics unless it relates to a cybersecurity matter. In two previous posts, I have been misunderstood and thought to be promoting a position, but that isn't my intended purpose - cybersecurity awareness is.

Navigating ICS Security: The Value of Frameworks

Since the implementation of the General Data Protection Regulation (GDPR) on 25 May 2018, organizations and even private citizens have globally begun to re-assess what it means to ‘take security seriously’ and to better understand the massive difference between security and privacy.

The Role of Technology in the Modern SOC

Recently, Security Boulevard published an article I wrote about the role technology plays in the modern security operations center (SOC). It’s a topic near to my heart, since I began working in SOCs back when we were known as “computer incident response teams” (CIRT). Over the years, I’ve seen a lot of outstanding technologies hit the market that have contributed greatly to improving security teams’ ability to identify, investigate and respond to threats.

GoCenter Reveals Go Module Vulnerabilities With Xray

Golang developers care a lot about security, and as Go modules become more widely used, they need more ways to ensure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.