Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


Finding CVE-2022-22954 with Zeek

CISA released a warning to federal agencies on May 18 that APT actors are actively exploiting recent vulnerabilities found in VMware, including CVE-2022-22954. Your first thought may have been to want new signatures, indicators, and/or behavioral techniques to detect attempted and successful exploits. If you’re a Zeek user or Corelight customer, you’ll find that sometimes you’re already getting what you need.

Improving AWS Security Services with Sysdig Secure

One of the primary goals of information security is to protect data, which of course entails protecting the resources that store and provide access to that data. According to the NIST Cybersecurity Framework, organizations need to develop and implement the necessary protections to restrict or mitigate the effect of a possible cybersecurity incident. Security should be integrated right from the source of the cloud architecture design process.

Outsourcing your SOC

With businesses constantly at risk of cyber threats, leveraging a Security Operations Centre (SOC) is one way for organisations to proactively monitor and manage their threat landscape. Whether it’s in-house or outsourced, a SOC can help companies implement a process-driven security framework that secures business information against the constant threat of a cyber attack.

Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022

Popular for compromising internet-connected devices and conducting distributed denial of service (DDoS) attacks, Mirai malware variants have been known to compromise devices that run on Linux builds ranging from mobile and Internet of Things (IoT) devices to cloud infrastructures.

How to access AWS Console using AWS IAM

This blog post explores the traditional authentication and authorization processes to AWS Management Console, and how Teleport can replace them to further secure and audit your Infrastructure Access for AWS. You can access your AWS Management Console through a variety of methods. If a user has AWS Administrator or Root Access, they can see and edit all infrastructure in its entirety. AWS has multiple tools available to mitigate access, but are they enough?

Critical Capabilities for SSE: Securing Cloud Usage When Shadow IT is the Norm

With the release of the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE) there is an abundance of information on the newest framework created to address security requirements in a cloud-first world. SSE was introduced in 2021 to refine Secure Access Service Edge (SASE) by focusing on the convergence of security capabilities within the framework. Check out my blog breaking down SSE and SASE for a more in depth explanation.

How Legal Organizations Can Address The Evolving Threat Landscape

Of the many industries attracting threat actor attention, the legal sector is gaining heightened interest from run-of-the-mill cybercriminals and nation-state actors alike. In late February, the State Bar of California disclosed that it experienced a breach allowing access to thousands of case records and case profile data, along with confidential court records.

FedRAMP Certification: The 'New Normal' for Public Sector Agencies?

In the realm of cloud security, public sector agencies have a lot on their plates. From keeping up with the barrage of constantly emerging security guidelines (see below) to the ongoing demands of maintaining software security, the pressure on the government to lock down cybersecurity is immense.