Security

Practice vs Maturity in CMMC 2.0 Framework

Dec 15, 2021 By Ignyte In Ignyte

When CMMC was first introduced by the DoD, its purpose was to “normalize and standardized cybersecurity preparedness across the federal government’s Defense Industrial Base or DIB.” Essentially, they recognized a weakness in cybersecurity hygiene practices in their supply chain, and so CMMC became the standard the DIB would be “graded” by to ensure the protection of sensitive or Controlled Unclassified Information (CUI).

View Video

Ignyte

Read more about Practice vs Maturity in CMMC 2.0 Framework

58% of Orgs Are Using a Vulnerable Version of Log4j

Dec 15, 2021 By Hope Goslin In Veracode

On December 9, 2021, a zero-day vulnerability in Log4j 2.x was discovered. This vulnerability is of great concern because if it’s successfully exploited, attackers are able to perform a RCE (Remote Code Execution) attack and compromise the affected server. Since we are a cloud-based Software Composition Analysis (SCA) provider, we have useful customer data that gives insight into the scope of the Log4j vulnerability.

Read Post

Veracode

Read more about 58% of Orgs Are Using a Vulnerable Version of Log4j

Flow Use Case: Limit Intruder Dwell Time

Dec 15, 2021 By Devo In Devo

In this use case, a hypothetical attacker used an exploit against our machine in the local network, which triggered an alert from an external security service. Our external service does not provide additional details about the threat. We will use this Flow to combine the external service data and the data extracted by Devo to check if there's any data flow from the victim to the attacker.

View Video

Devo

Read more about Flow Use Case: Limit Intruder Dwell Time

Building a Foundation for Zero Trust

Dec 15, 2021 By Tripwire In Tripwire

Join Tim Erlin, VP Product Marketing and Strategy, Tripwire, as he shares results from our recent research around Zero Trust and discusses the role of integrity when it comes to Zero Trust Architecture.

View Video

Tripwire

Read more about Building a Foundation for Zero Trust

Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Dec 15, 2021 By Jess Glackin In Tripwire

On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell.” This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges. If you are currently working to identify instances of this vulnerability, Tripwire can help.

Read Post

Tripwire

Read more about Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Dec 15, 2021 By Tripwire Guest Authors In Tripwire

In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.

Read Post

Tripwire

Read more about Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Close Out Construction Projects Without the Administrative Hassle

Dec 15, 2021 By Chris Schmitt In Egnyte

Properly closing out construction projects can be a major administrative hassle that takes time away from more productive tasks. Not only do you have to identify and retain your contracts, warranties, and proof of completions, but you also must remove team members who no longer require access to systems and folders. It’s typically a very manual process—but it doesn’t have to be.

Read Post

Egnyte

Read more about Close Out Construction Projects Without the Administrative Hassle

Easily Find and Secure Sensitive Data in Gmail with Egnyte

Dec 15, 2021 By David Buster In Egnyte

Gmail is an immensely popular service, with nearly 2 billion active accounts. And as the service has grown, businesses have turned to it for all kinds of things it was never meant to do: user authentication, password recovery, and perhaps most problematic, the passing of sensitive or regulated data between parties.

Read Post

Egnyte

Read more about Easily Find and Secure Sensitive Data in Gmail with Egnyte

Creating a custom Temporal data convertor for encryption

Dec 15, 2021 By Chris Cowell In Nightfall

Nightfall is a data security vendor that integrates with our customers’ third party applications (Slack, Google Drive, Github, Jira etc) to, on a continuous real-time basis, scan all content being added to these applications for sensitive data.

Read Post

Nightfall

Read more about Creating a custom Temporal data convertor for encryption

CMMC 2.0 L1 & L2 Scoping Guidance Explained

Dec 15, 2021 By Ignyte Team In Ignyte

Aaron McCray, Ignyte’s Chief Operating Officer, is giving a brief overview of the changes to CMMC 2.0, and more specifically its Practice levels vs Maturity levels in the video below. Aaron is a commercial risk management leader by trade and a Commander in the U.S. Navy Reserves.

Read Post

Ignyte

Read more about CMMC 2.0 L1 & L2 Scoping Guidance Explained

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Practice vs Maturity in CMMC 2.0 Framework

58% of Orgs Are Using a Vulnerable Version of Log4j

Flow Use Case: Limit Intruder Dwell Time

Building a Foundation for Zero Trust

Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Close Out Construction Projects Without the Administrative Hassle

Easily Find and Secure Sensitive Data in Gmail with Egnyte

Creating a custom Temporal data convertor for encryption

CMMC 2.0 L1 & L2 Scoping Guidance Explained

Monthly Archive

Follow Us