There is no such thing as perfect security. Therefore, having robust detection capabilities is key to determining if you have been hit with a cyber attack that evaded your protection capabilities. One of the most important detection and compliance capabilities today, file integrity monitoring (FIM) provides the ability to detect signs of intrusion or improper […]
Federal Information Processing Standard 140-2 (FIPS 140-2) is a requirement for U.S. government organizations and contractors, a government security mandate designed to evaluate and approve encryption solutions serving the federal supply chain. It calls for security by a cryptographic module, and employs a security accreditation program for assessing private sector company security solution capabilities against […]
As organizations start to think about what they will look like post-COVID, including potential permanent work-from-home situations to support the radical shifts in remote work technology adoption, there is yet another question looming: Are you getting ready for CMMC? Will you be ready? CMMC, or Cyber Maturity Model Certification, is a U.S. Dept of […]
Leverage open source security (OSSEC) for file integrity monitoring (FIM), easier compliance, and to accelerate overall enterprise-strength security. 2020’s shift to large-scale remote work and distributed computing forced IT teams to roll out new or expanded services just to keep the business running. 2021 must be about reinforcing security and compliance across this rapidly- and […]
The widely reported December 2020 hack of the SolarWinds Orion network performance monitoring system employed a sophisticated series of takeover steps that included backdoors, expired domains, the use of Orion itself as a vector, compromised credentials, and malware implants, all to steal data and compromise systems. The attack, referred to as Sunburst, Sunburst Backdoor, and […]
You may have started to see greater usage of the term “lateral movement” with regard to cyber attacks. Long a directional and network traffic term, lateral movement now commonly means unauthorized connection and sharing of files between two or more internal endpoints. While an initial breach usually comes from the outside, lateral movement occurs when […]