Network Security
Network Security news, information, and how-to advice
Review: Protecting clouds with Cloud Defender from Alert Logic
Cloud Defender is a user-friendly tool that lets local IT staff inspect their cloud deployments to look for evidence of hidden threats or breaches. But it can also be used in a SaaS model, with the cybersecurity team at Alert Logic...
Negative motivation is not positive engagement
The barrage of fearmongering and FOMO over social media and advertising leads to a vicious cycle of negative engagement that builds anger and frustration that can’t be addressed by buying new products. We can break the cycle through...
White Paper
Phish Tales: Cautionary Stories for Businesses
Cybercriminals just need to get one employee to open an email attachment or click on a link for a phishing attack to be effective. Once they infiltrate your network, there are many possibilities to where they can go. The email
Nation state attacks – the cyber cold war gets down to business
Cyber weaponry is moving to new frontiers: yours. Businesses are the next target on the nation state menu. Are you protected or vulnerable?
video
Is it time to kill the pen test? | Salted Hash Ep 22
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping...
Hottest cybersecurity products at RSA 2018
Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.
Want IT resiliency? Stop the see-saw of imbalanced attention
As cyber threats continue to grow among companies with sensitive data, IT must take a holistic approach to managing and mitigating these threats. Here’s how to bridge preventative and restorative measures for IT resiliency.
White Paper
Firewall Best Practices to Block Ransomware
Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting money to restore your data and regain control of your computers. Modern firewalls are purpose-built to
Insider threat legalese
Understanding your lawyer’s perspective on insider threats...and three suggestions to help start the conversation.
Your cache is exposed
On February 28, Akamai recorded a 1.35 Tbps DDoS attack driven by a relatively new vector, memcached reflection. Memcached can have an amplification factor of roughly 500,000 times larger than the initial query, which allows small set...
How to hire the right analysts for your intelligence program
As someone who’s been deeply involved in virtually every aspect of hiring and job-seeking in security and intelligence, I can attest firsthand that while the process is rarely easy, it’s worth the effort.
How can SOC analysts hunt more efficiently? By not hunting
To win the battle against today’s sophisticated cyber threats, security analysts must disrupt a kill chain or lateral movement attack early in the process. Achieving success requires pinpointing the real threat amidst a never-ending...
White Paper
Testing Endpoint Security Guide
No organization can afford ineffective endpoint security that fails to provide protection against the broad spectrum of rapidly evolving real-world threats. In the interest of helping organizations to perform thorough measurements of
4 open-source Mitre ATT&CK test tools compared
Any of these tools from Endgame, Red Canary, Mitre, and Uber will get your red team and pentesters started with Mitre's ATT&CK framework.
For endpoint security, trust but verify
Your organization might eventually fall victim to a data breach but creating checks and balances to maintain a layered data security approach can help you come out the other side with fewer losses.
Software-defined perimeter: Important initiative, ineffective name
A geeky and confusing name doesn’t communicate business, privacy, and security benefits. Instead of software-defined perimeter, I suggest ubiquitous security access services (USAS).
Turbo-charging your single sign-on solution
A comprehensive privileged password manager fills the SSO gaps and boosts overall data security.
Video/Webcast Sponsored
If You Can't See It You Can't Stop It - Network Firewalls' Dirty Little Secret
On average, 60% of Network traffic is unidentifiable by network firewalls*. Which means ransomware, advanced threats, and active adversaries are happily entering your network. Why? Because every firewall on the market uses application
Verizon report: Ransomware top malware threat of 2017, moving into critical systems
DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.
The value of 20/20 hindsight in cybersecurity
Security will find indications of compromise revealed in public disclosures exponentially more valuable if they find a way to go back and compare historical data against the new intelligence.
Taking a bite-sized approach to security automation and orchestration
Gradual, focused implementation lets you educate your team and course correct as needed.
What is Mitre's ATT&CK framework? What red teams need to know
The ATT&CK framework allows security researchers and red teams to better understand hacker threats.
Sponsored Links