Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2022

How does robust cybersecurity add value to a business?

A company’s IT infrastructure and data are some of its most valuable assets today. Consequently, protecting them is an increasingly critical goal to stave off worst-case scenarios and preserve a business’s value. By the same token, robust cybersecurity can make a company more valuable. Many organizations understand the importance of cybersecurity as a defense but may overlook its role as an asset.

XDR: Why open is better than closed

In a new 12-minute video, Rakesh Shah, AVP Product Management and Development of AT&T Cybersecurity, explains Extended Detection and Response (XDR). This video was part of the virtual Black Hat USA event in August. It’s not product-specific and explains what can be a very confusing concept in a delightfully simple way.

Cloud Data Management Capabilities (CDMC) framework: the challenges & best practices

Cloud adoption has gained solid momentum over the past few years. The technology has been helping organizations revolutionize their businesses and optimize their processes for increased productivity, reduced cost, and better scalability. But as organizations pour their entire focus into improving their businesses, they tend to lose control of governance. One of the many reasons data governance tends to get further out of control is organizations' increasing adoption of a hybrid or multi-cloud model.

Cybersecurity certifications: Part of your cybersecurity journey

One of the main questions I get asked by people looking to get started in cybersecurity is, “What certification(s) do I need?” Who you ask and the number of people you ask will determine the number of different answers you will get back on this question. A few short years ago, there was no such thing as a cybersecurity professional. At first, people working in system administration or development were asked to take on the additional role of handling security for an organization.

Announcing: Code-free API log collection and parser creation

AT&T Cybersecurity is pleased to announce a code-free way for our USM Anywhere customers to make their own API-driven log collectors and custom parsers. This big advancement in threat detection and response technology will make it possible for customers to collect information from a much larger variety of sources and SaaS services without having to request new integrations or log parsers.

Establishing a mobile device vulnerability management program

The introduction of mobile devices has rapidly changed the world as we know it, as these small gadgets that are intended to fit into the palm of our hands rapidly gained dominance over our day-to-day activities. Thanks to these portable devices, we now have access to an abundance of information available to us on demand with minimal effort.

AT&T and Lookout expand partnership with launch of Lookout AlienApp

In order to secure data and protect against threats like ransomware, it’s critical to take a unified approach to endpoint security. To help security teams achieve this, Lookout and AT&T are expanding their partnership with the introduction of the Lookout AlienApp, which complements existing endpoint protection integrations in the USM Anywhere platform and helps to make the concept of true unified endpoint protection a reality.

A pragmatic approach to risk management & resilience

Cybersecurity starts with the ability to recognize your cyber risk. We will explore several topics related to taking a practical approach to managing risk and achieving cyber resilience. This is a blog series with collective thoughts from Bindu Sundaresan, Director AT&T Cybersecurity, and Nick Simmons, AVP, Cybersecurity. Cybercrime has become increasingly frequent, complex, and costly, posing a risk to all businesses regardless of size. How do you plan to respond when falling victim to a breach?

Penetration Testing as a Service (PTaaS): the evolution of Penetration Testing at AT&T

Let us start by defining Penetration Testing as a Service (also known as PTaaS) because there are several different definitions and variations being used throughout the industry. Some of the similarities include: This is where AT&T starts to differentiate itself from competitors. This next part we believe to be critical: There is a misconception about Penetration Testing as a Service, that it devalues the quality of testing.

Everything you need to know about the new features in VSS & MVP

Since AT&T launched its Vulnerability Scanning Service (VSS) in 2012, in partnership with DDI/HelpSystems, over 30 million devices have been scanned. The VSS provides vulnerability management services that help organizations identify vulnerabilities on their network and manage their swift remediation. Similarly, the AT&T Managed Vulnerability Program (MVP), launched in late 2020, allows organizations to assess their network without hiring IT professionals.

How to reduce your exposure & secure your data in the cloud in 5 quick ways

More companies are switching from on-premises systems to public cloud services, ensuring long-term growth and digital resilience. But as their implementations grow, they begin to realize that their exposure to cyberattacks and other risks grows as well. Cybersecurity is an essential practice for successful businesses. Adapting to business growth is a good problem to have, but without an eye on cloud security, that growth could cost you in the long run.

Are cloud containers a sugar-coated threat?

Containerization is a rapidly evolving technology in cloud-native applications. Just like computing systems, containers consist of packages of software programs with all the vital elements like binaries, files, and libraries for running an application in the environment from anywhere. Containers are lightweight, and DevOps teams develop applications and deploy services using them. Moreover, organizations also use these containers to deploy and scale the DevOps infrastructure like the CI/CD tools.

Are SASE and Zero Trust the key for manufacturers grappling with IoT cyber risks?

As manufacturers dash headlong into smart factory initiatives, the number of IoT devices operating in factories, warehouses, and across supply chain infrastructure is exploding. Manufacturers seek to utilize IoT in a range of places, be it video camera inspection devices on the assembly line, temperature sensors on refrigeration units, or maintenance telemetry sensors on factory equipment.

Stories from the SOC - Credential compromise and the importance of MFA

User account credentials are both a necessary component of normal operations and a critical vector for a malicious actor’s entrance into an enterprise environment. Compensating for the inherent risk of granting the end user access to corporate systems is a challenge in balancing usability with security. When a user with low-level privileges can have their credentials abused to gain increased levels of access, superior solutions to standard username-and-password schemes become necessary.

The evolution of Zero Trust with AT&T: the ZTNA 2.0 advantage

This blog was jointly written with Kumar Ramachandran, Senior Vice President, Palo Alto Networks. Most people can recall a time when computers were pieces of equipment that remained in a fixed location. Because of this, security was less of an issue outside of an organization's own walls. That all changed when laptop computers and mobile devices ushered in the era of the mobile workforce.

The dos and don'ts of startup security: How to develop a security plan

This is the third part of a three-blog series on startup security. Please have a look at part one and part two. New companies often struggle with the question of when to start investing in information security. A commonly heard security mantra is that security should be involved since the very beginning and at every step along the way. While this is obviously true, it is quite detached from reality and provides little practical guidance.

Credential harvesting: Is it too big of an attack or can you fight back?

The hybrid working model is the new norm due to its effectiveness and the productivity it offers. However, it does pose significant drawbacks to an organization's network security, making it vulnerable to several cyber-attacks such as credential harvesting.