In the second of our three-part series, we highlight the most common cloud security challenges. When migrating infrastructure and services to the cloud it is vital to establish a clear strategy to avoid new security risks. As moving to the cloud can vastly widen the attack surface, it’s important to check whether current security controls will still be effective when migration is complete.
We asked Samy Denno, the Head of our SOC, to give us an insight into managing a busy security operation and tell us what it takes to start out as an analyst.
This post outlines why endpoint telemetry is now fundamental to reducing the time taken to identify and remediate security incidents.
Preparation is as essential in cyber security as it is in any other walk of life. To effectively defend against the latest threats, a proactive approach is required, whereby security controls and processes are regularly assessed to ensure they are fit for purpose.
Zerologon (CVE-2020-1472) is a critical vulnerability in the Windows Server Netlogon process authentication process. Following our recent Security Advisory, immediate patching of the vulnerability is strongly advised. To help determine whether your organisation has been compromised as a result of an attacker exploiting the vulnerability (even prior to a patch being installed), Redscan Labs has developed a Zerologon detection tool.
Cloud security is the implementation of security controls to protect confidential information stored in cloud environments and reduce the risk of data breaches. Effective cloud security involves regularly assessing and hardening defences, ensuring broad threat visibility and rapidly responding to threats.
A critical CVSS:10 vulnerability (CVE-2020-1472) in the Microsoft Netlogon process was patched in the August patch cycle, but details were not made public until earlier this week (14th September).
During the COVID-19 pandemic, more UK employees have worked from home than ever before. According to a YouGov survey, around one in five people went from never working from home to doing so constantly. Coronavirus and the resulting lockdown have significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside the workplace. This has been compounded by threat actors seeking to exploit the crisis.
We asked our Head of Threat Intelligence, George Glass, to share his expert view on the threats that security teams need to be aware of and to tell us what it is he loves about working in the industry.
Some organisations fully outsource their cyber security requirements to MSSPs, while others only outsource specific aspects. MSSPs differ from MSPs (Managed Service Providers) in that they specialise in cyber security. By contrast, MSPs are more focused on the remote management of IT infrastructure. Many MSPs do offer security services but, owing to the highly specialised nature of cyber security, some chose to partner with MSSPs.
