Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Open-source intelligence (OSINT) is essentially any information that can be obtained from publicly available sources. The practice of collecting this information is not new; in fact, in the early 1990s, the Deputy Director of the CIA asserted that over 80% of CIA analysis came from open-source information. Maps, phone books, printed materials, news reports, and other forms of content can provide a lot of information if one knows where and how to look.

While the internet grows, so does the online presence of businesses of every scale. Although this allows for seamless business operations, you have to also consider the risks involved. Since organizations rely on networks to carry out their activities and utilize a wide range of networking components like routers, switches, servers, firewalls, and VMs, all of which demand continuous end-to-end management, it is critical to protect and defend these networks from threats and attacks.

A SIEM solution has become an integral part of an organization’s security arsenal. But organizations often overlook the system’s capabilities, owing to a belief that SIEM functionalities are too complex and the architecture inscrutable. Regrettably, they neglect to meet the requirements of their organization with the features of the product. For instance, an organization that deals with the credit card information of customers needs to comply with the PCI-DSS requirement.

Financial organizations employ the process of customer due diligence to gather and assess pertinent data about current and prospective clients. By analyzing data from many sources, it seeks to identify any possible risks to the financial institution associated with doing business with a certain organization or person.

Unlike before, software used to come in a compact disk and be distributed through stores, today’s software distribution process is simplified as you can buy them online. Cybercriminals actively look for files to tamper with. If they get the source code of your software, inserting malware into the software will not take long. Hence, code signing is essential to save your users from such attacks.

“Knowing what’s on your network is the first step for any organization to reduce risk.” -CISA Director, Jen Easterly. On October 3, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks.

Welcome to the final episode in our blog series focused on Mobile Endpoint Security. The first two episodes detailed the protections necessary to secure data accessed by remote workers (Endpoint security and remote work) and best practices for combating the threat of ransomware 5 ways to prevent Ransomware attacks).

Have you ever heard an IT security pro talk about their POA&M and wondered what they meant? You’re not alone. Many security consultants and engineers are uncertain about the meaning of the acronym “POA&M”. It stands for Plan of Actions and Milestones. It’s a commonplace term within military and defense working environments.

A Denial-of-Service (DoS) is an attack meant to shut down a machine or network, making it inaccessible to its intended users, so dos Kubernetes is a potential target. In the case of Distributed Denial-of-Service (DDoS), the attacker will look to maintain some form of anonymity so their activities cannot be traced. They can route traffic through Tor and VPN infrastructure to scan, attack, or compromise the target, while maintaining anonymous communications.

Protecting data is more mission-critical to businesses than ever before. Nearly every business process is tied to data, meaning that security teams need to streamline their monitoring, detection, and investigation processes. Centralized log management gives security teams the resources they need when they need them. Understanding how to use your log management solution for security monitoring can help you successfully mitigate risk and reduce cost.