Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

NIS 2 Cybersecurity Risk Management Measures Explained

The Network and Information Systems Directive 2 (NIS 2) is a cornerstone of European cybersecurity regulation, imposing stringent requirements on critical infrastructure sectors. To ensure their resilience, NIS 2 mandates specific cybersecurity risk management measures. Let's break down these ten essential measures and understand their implications.

Elevate Your Security Strategy with Effective Vulnerability Prioritization

Vulnerability prioritization is essential for organizations to efficiently allocate resources, reduce risk, and protect critical assets. However, with an increasing number of vulnerability scanning tools in use, security teams face a growing backlog of findings. This overwhelming volume of data can lead to analysis paralysis, where critical vulnerabilities remain unaddressed while minor issues consume valuable time and resources.

Friday Flows Episode 33: From Traditional SOAR to Tines Automation: An engineers perspective

FRIDAY FLOWS #33 Pt.1 - From Traditional SOAR to Tines Automation: An Engineers Perspective A longer form episode with Tino Sif Baksh. An experienced SOAR engineer who has been blown away by Tines' capability since joining. This is part 1 of our chat. Three really simple unique things covered here: How SOAR has changed as a technology and automation going from ‘nice to have’ to ‘need to have’. Building rules into the Tines’ Webhook action to reduce noisy alerts. The power using Tines’ email mode within the receive email action to simplify the Phishing Response workflows.

Friday Flows Episode 32: Beyon Cyber: An MSSP Journey from Traditional SOAR to Tines

FRIDAY FLOWS #31 - Beyon Cyber: An MSSP Journey from Traditional SOAR to Tines For any MSSPs out there, this is a really interesting deployment we did with Beyon. Service Providers will look to use SOAR as backend automation for their services. However, traditional SOARs can create their own problems. Requiring dedicated Dev teams to deploy & write automation. Not allowing customisable integration ability outside the box and ultimately being very resource-intensive to maintain.

Friday Flows Episode 31: Analyze Elastic alerts, block IPs, and notify in Slack and Tines Cases

FRIDAY FLOWS #31 - Analyze Elastic alerts, block, IPs, and notify in Slack and Tines Cases Personally, my favourite partners to work with. Elastic and Tines go hand in hand technology wise. Whether you're using Elastic for SIEM, Cloud Security, Endpoint, or outside security like Observability, Tines acts as the automation glue for those tools. I hope you enjoy today's episode with Michael Tolan and as always, check out the Tines community edition in the comments to play around with this specific story and more.

How To Stop A DDoS Attack

On a Friday afternoon at 5 PM, you’re cruising along the backroads in your car, listening to your favorite music. You’re on vacation and making excellent time to your destination until you notice the long stream of red tail lights a few miles ahead. After sitting in standstill traffic for over an hour, you realize that highway construction created a detour to the two-lane backroad that you were using to skip the rush hour traffic.

What Steps Are Involved in An ISO 27001 Audit?

As the strongest and most well-recognized security certification around the world, ISO 27001 is a very popular – and very stringent – framework to adhere to. If you’re a business operating anywhere in the world, and you want to achieve security levels that build confidence and open doors with customers and clients who value trust, ISO 27001 is a great option.

Magecart Attack - Techniques, Examples & Preventions

Magecart attacks are a form of digital skimming that targets insecure websites to steal payment information. These attacks involve injecting malicious JavaScript code into e-commerce websites to steal sensitive information such as credit card details during the checkout process. The term “Magecart” originates from the attackers’ initial focus on Magento, a popular e-commerce platform, though their methods have since expanded to target various other platforms.