All web traffic flowing out of your company network should be passing through a web proxy. These proxy logs are a great resource for threat hunting and security investigations, yet they often translate into extremely large volumes of data.
The factors that pose risks to companies are constantly changing. Clinging to a single defense strategy can be counterproductive, as this strategy can quickly become outdated and ineffective. As a managed service provider (MSP), you may have found that your customers are unwilling to consider new cybersecurity tools unless there is a problem, or they aren’t satisfied with their existing solution.
The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?
While industries like financial services and healthcare tend to dominate in IT attacks, the tables are turned when looking at Operational Technology (OT) cyber attacks – and the energy sector is the clear “winner.” We spend a lot of time talking about attacks that largely impact IT systems. But OT environments are a growing concern as new targets for cybercriminals.
As attackers evolve their toolsets and processes, the significant drop in dwell time signifies a much higher risk to organizations that now have less time to detect and respond to initial attacks. This is bad news. Two years ago, the median dwell time – the time between gaining access to a network and executing the ransomware – was 5.5 days. Last year it was 4.5 days.
