Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.

Create a Server with the Node.js HTTP Module

Using Node.js on the web generally involves a server framework, like Express, Hapi, or Koa. These make working with the underlying HTTP support easier. Sometimes you need the full power of a framework, but in other cases that can be overkill. In this article, we'll ignore the benefits of a framework and look at the underlying features of Node's HTTP module and how you can use it to create a web server. In future articles, we'll examine other features of the HTTP module.

4 Questions to Ask in Building a Security Operations Center

Building an in-house SOC represents a significant commitment, both financially and strategically, to securing your enterprise. In a report from the Ponemon Institute—based on a survey sponsored by Devo of more than 500 IT and security practitioners—67 percent of respondents said their SOC was “very important” or “essential” to their organization’s overall cybersecurity strategy.

IRM, ERM, and GRC: Is There a Difference?

Risk management has become a veritable alphabet soup. The advent of the digital age is partly to blame. Virtually every organization is “going digital,” in a growing number of areas. Retail is now “e-tail”; manufacturing plants are increasingly automated; nearly every step of the hiring and contracting process happens online, from the application process to background checks to payroll and beyond.

Windows Server 2019 OS hardening

Windows Server 2019 ships and installs with an existing level of hardening that is significantly more secure compared to previous Windows Server operating systems. Gone are the bloat of Xbox integration and services and the need for third-party security solutions to fill security gaps. Operating System (OS) hardening provides additional layers of security and preventative measures against both unauthorized changes and access.

Introducing our free Secure Remote Access Toolkit for IT teams

The global corporate landscape is on the brink of a complete premises lockdown in light of the COVID-19 crisis. Service disruption is inevitable, and enterprises’ business continuity plans are being put to the test. Despite this challenge, it’s heartening to see companies across nations take quick steps to ensure the health and safety of their employees during these trying times.

Best Practices for CSOs to Navigate Today's Uncertain World

Like many of my peers, my role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRamp and the California Privacy Act (CCPA), now the majority of my time is focused on ensuring our employees safety and productivity, so they can continue to deliver products and support our customers and partners.

BitSight vs UpGuard Comparison

There are a lot of security ratings platforms out there, and choosing the right one can be overwhelming. We've written the post to make it as easy as possible for you to compare BitSight and UpGuard. Regardless of whether you're a CISO, Vice President of Security or an individual contributor, it's safe to say you understand the importance of cybersecurity risk management.