Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

An overview on insider threat awareness

Organizations usually focus on cyber threats which are external in origin. These include anti-malware, external firewalls, DDoS attack mitigation, external data loss prevention, and the list goes on. That's great, external cyber attacks are very common so it's vital to protect your networks from unauthorized access and malicious penetration. The internet and unauthorized physical access to your facilities will always be risks and they must be monitored and managed.

3 key takeaways on Cloud SIEM from Gartner Security & Risk Management Conference 2019

Gartner has been a thought leader in the SIEM space for the last few years. Gartner’s Magic Quadrant is considered one of the top market research reports on SIEM’s capabilities and vendors. Very recently, I attended the 2019 Gartner Security & Risk Management Conference, and based on thousands of conversations Gartner has had with their clients, they have a good vantage point on the SIEM space this year.

A Google Cloud Platform Primer with Security Fundamentals

We’ve previously discussed best practices for securing Microsoft Azure and Amazon Web Services, but this time we are going to turn our attention to Google Cloud Platform. Google Cloud Platform (GCP) is growing at an impressive 83 percent year over year, but generally receives less focus than AWS and Azure. We can use some of our best practice cloud security knowledge to outline some fundamental steps for keeping Google Cloud Platform secure.

State of Cybersecurity Today

Today, the majority of our critical systems are intertwined with each other and are administrated by/through computers. Many decisions are automated and our lives are to some extent reliant on IoT connected devices. A great deal of our data is on cloud storage facilities and almost all of our personal data is stored in a device that has internet connection. The connectivity and complexity of these systems make them vulnerable. That is why cybersecurity has been gaining more and more importance.

What's New and Changing in the World of Vulnerability Management?

According to CIS, “Organizations that do not scan for vulnerabilities and proactively address discovered flaws face a significant likelihood of having their computer systems compromised.” While vulnerability management (VM) isn’t new, I’ve seen it evolve a lot over my 22 years in the industry. Here are some big trends: The idea of an asset has changed and grown over the years. Back in the ‘90s, it was a PC or a server.

Price vs. Cost: What the Stock Market Teaches Us about Data Breaches

Normally, when you hear about stocks dropping, it’s due to some scandal or crisis. Market watchers will tell you that a range of elements can affect the value of a publicly traded company and cause stock prices to rise or fall. Consumer confidence is a major factor that influences a company’s reputation and perceived value. What does that have to do with data breaches? A lot more than you might think.

The dangers of public Wi-Fi

Working from home used to mean an unofficial day off, but it’s becoming an increasingly common way for people to – well, actually work. For these people, pitching up at a coffee shop is not unusual. Lots of people do it. They're no longer the reserve for would-be screenwriters. There are numerous benefits, such as easy access to overpriced coffees and the option to be sociable but with no obligation to actually be so.

KlusterKit - Enable Kubernetes based Architectures in Air Gapped Deployments

Early adopter enterprises across verticals such as Retail, Manufacturing, Oil & Gas are looking to incorporate containers and Kubernetes as a way of modernizing their applications. Choosing k8s as a standard ensures that these applications can be deployed these on different data center infrastructures (bare metal/VMware/KVM on OpenStack etc) or on public clouds (AWS/Azure/GCP etc).

Hunting for Linux library injection with Osquery

When analyzing malware and adversary activity in Windows environments, DLL injection techniques are commonly used, and there are plenty of resources on how to detect these activities. When it comes to Linux, this is less commonly seen in the wild. I recently came across a great blog from TrustedSec that describes a few techniques and tools that can be used to do library injection in Linux.