We all know the perks of allowing employees to work remotely. From lower overhead (less snacks and drinks to provide) to increased productivity and job satisfaction, working from home is becoming more and more common in today’s business landscape. Unfortunately, with this system comes many data security risks to consider. With so many devices being used for work and various network connections to monitor, how can you allow your employees to work remotely and still maintain data security?

If you use a free VPN, then you have to wonder how your provider earns money to cover their own costs. The answer often involves advertising, but it can also be through far more sinister means. Running a VPN service costs a significant amount of money. There are setup costs, infrastructure costs, labor and other running costs. The companies behind these services generally want to make a profit as well.

Threat hunting is the practice of iteratively and proactively hunting for threats or Advanced Persistent Threats (APT) that are launched by adversaries. Unlike traditional security systems such as antivirus program, firewalls, or SIEM, who use a reactive approach to threats, threat hunting utilizes a proactive approach to pursuing threats even before they compromise organization’s network or IT infrastructure.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Looks like the year is ending with some IoT hell. Nice…. First off we have international news of drones keeping planes on the ground at a major airport causing total chaos with no idea how to deal with it.

Although often used interchangeably, risk appetite and risk tolerance distinguish themselves from one another in a nuanced way. While most regulations and standards focus on the risk management process, few clearly define the differences between these terms in a meaningful way. However, to create an effective cybersecurity program, you need to be able to separate risk appetite from risk tolerance so that you can develop appropriate controls to protect data.

It’s been a great year for Detectify and there’s a lot that’s happened for us as we continue to grow our teams and business. Join us for a proverbial toast to the year as we share a recap of our highlights.

Tripwire has demonstrated its ongoing commitment to meeting U.S. government and internationally recognized security standards by achieving the most current Common Criteria standards for its latest version of Tripwire IP360’s 9.0.1, specifying the certification as “Evaluation Assurance Level 2 augmented with Flaw Remediation” (EAL2+).

Malware Analysis is the process whereby security teams such as Incident Response Handlers perform a detailed analysis of a given malware sample and then determine its purpose, functionality, and potential impact. Conducting malware analysis manually is a cumbersome and time-consuming process as it involves a lot of security professionals, resources, and budget.