Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

SecurityScorecard vs CyberGRX Comparison

Outsourcing, digitization, and globalization have made vendor risk management a top priority for CISOs and senior management alike. These forces have led to innovative products and services, increased specialization, lower costs, and increased access for customers and organizations alike. However, they've also introduced significant cyber risk, particularly the risk of unintended data exposure in the form of a data breach or data leak.

The Future is Hybrid:Key Considerations for Cloud and DevOps

Do you want to modernize your cloud infrastructure while staying one step ahead of the associated security risks? Common cloud infrastructure challenges arise around the elasticity and short lifespan of servers as well as the up-and-coming wave of containerization. These challenges are the new status quo for organizations that expand their systems across on-prem and virtual infrastructures, resulting in a “hybrid” environment.

The MITRE ATT&CK Framework: Execution

Of all the tactics that an adversary will take on in their campaign, none will be more widely abused than, Execution (https://attack.mitre.org/wiki/Execution). When taking into consideration off-the-shelf malware, traditional ransomware, or state of the art advanced persistent threat actors, all of them have execution in common. There’s a great quote from Alissa Torres which says, “Malware can hide, but it must run.”

Working From Anywhere With Egnyte: Collaboration Guide

In an examination of remote work done by the American Psychological Association, experts found, unsurprisingly, that one of the biggest challenges people face when working remotely is professional and personal isolation. More surprisingly, however, these same experts found that isolation could be eased by the perception of closeness created primarily through communication, collaboration and a sense of shared identity.

How to Monitor Employees at Work: 7 Best Practices

With the number of insider-related breaches rising every year, employee monitoring is becoming a common practice. Modern employee monitoring solutions help businesses track their employees’ productivity and work attendance, minimize administrative work, and enhance cybersecurity. In this article, we discuss why you should monitor your office staff, list the benefits and shortcomings of doing so, and explore best practices for monitoring your employees efficiently yet respectfully.

Cybersecurity Implications Of An Ongoing Pandemic

The year 2020 has left many people feeling like we are living in the twilight zone as the coronavirus sweeps the globe, changing life as most know it. From embracing the reality of a fully remote workforce, to dealing with ruthless cyber attackers taking advantage of unsuspecting people looking for help, and like all things, technology is playing a pivotal role in the way the pandemic plays out.

Threat, Vulnerability, and Risk: What's the Difference?

In casual conversation, threats, vulnerabilities, and risks are often talked about interchangeably. The reality is that the three are quite different. Threats represent something that might happen. Vulnerabilities show that systems have inherent weaknesses attackers may exploit. Risks keep business owners up at night by shining a light on potential harm inherent in running an enterprise.

Featured Post

Evaluating FedRAMP Compliance For Cloud Services Providers

The Federal Risk and Authorization Management Program (FedRAMP) comprises a set of standardized guidelines for monitoring, authorizing, and undertaking security assessments on cloud service providers (CSPs). The objective of the guidelines is to ensure that providers of cloud services meet the necessary cloud security standards. FedRAMP requires all CSPs to get accessed by third-party organizations to ensure that they meet cloud security guidelines that apply to them.

Stories from the SOC- RIG Exploit Kit

AT&T Alien Labs® Open Threat Exchange® (OTX) recently created a pulse for a new threat entitled the RIG Exploit Kit which had been observed distributing ransomware to victim companies across a variety of industry verticals. This exploit was discovered by BroadAnalysis who outlined the exploit’s intricacies in a whitepaper that was released December 2, 2019.