Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Who Would You Hire in Your SOC?

I got curious about what kind of people are most desired in a Security Operations Center (SOC). I wondered how accepting InfoSec blue teamers would be to having a team member with a great attitude and system administration or network management skills, versus someone with deep InfoSec knowledge and skills. So I did a poll on Twitter to learn more.

Artificial Intelligence and Cybersecurity: Attacking and Defending

Cybersecurity is a manpower constrained market – therefore, the opportunities for artificial intelligence (AI) automation are vast. Frequently, AI is used to make certain defensive aspects of cyber security more wide-reaching and effective. Combating spam and detecting malware are prime examples.

Security Orchestration Use Case: Importance of Vulnerability Management Automation

Vulnerability management is a proactive approach that mitigates or prevents the exploitation of IT vulnerabilities that may exist in corporate critical systems or network. This approach involves a number of steps that include identification, classification, remediation, and mitigation of numerous vulnerabilities. According to CVE Details Report, 15703 vulnerabilities have been identified in 2018, compared to 14714 in 2017.

Cyber Security Budget Trends for Businesses in 2019

As 2019 approaches, it’s a great time to look ahead at your information security plan and see what is being prioritized in your budget. 2018 saw an increased interest in investing in external security audits and improved endpoint protection. Here are a few cyber security trends to adopt in 2019 that will keep your organization’s information as safe as possible.

Password Stealers Aren't Letting up Any Time Soon

Password security has always been a challenge. Brute force attacks are constantly getting more powerful, but they aren’t the only threat you have to worry about. A range of password stealing malware continues to grow in popularity. One example, Agent Tesla, has seen its detection rate grow 100% in just three months, according to data from LastLine. Despite this rapid growth, Agent Tesla is far from the most popular.

Weekly Cyber Security News 07/12/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. I don’t often play games, and until this issue below appeared on my feed due to the self inflicted data breach I was blissfully unaware. Apart from the horrific appearing customer service, the breach is deeply unfortunate. What can we learn from it? Perhaps when under a lot of stress make sure you configure (was it a thread configuration issue or bug?) anything customer facing correctly.

All I Want for Christmas... Is a New SSL Certificate

On Thursday 6th December, 2018, I realized how dependent I was on my mobile phone having an internet connection. That particular day, I was out and about away from Wi-Fi networks. The first time I noticed I had no connectivity was when I used my phone to check if my train was on time. As I got close to London, I realized I was not the only person who did not have data services on their devices, as I overheard a few people commenting on no connectivity.

Security Orchestration Use Case: Curtailing Phishing Attacks

Phishing is the bad act of luring users to visit the malicious websites that apparently seems legitimate. The purpose of phishing is to trick users into revealing sensitive and personal information such as usernames, passwords, credit card numbers, and so forth. More often, threat actors carry out phishing attacks by sending suspicious links or attachments through Emails and social media websites.

Office 365 Email Security - The Hidden Costs

You’ve made the big decision to migrate to Microsoft Office 365. Its array of cloud collaboration makes this a great decision. Yet at the same time, Microsoft is also pitching Office 365 as a way to consolidate your security, compliance, and e-discovery platforms. It is promising advanced threat protection, data protection, and an online archive that’s all about privacy and meeting robust data-retention requirements. And it’s all included. How can you turn down that offer?