Continuing Our Open Source Commitment through Red Hat OpenShift

Posted on by Mike Shinn

Atomicorp is pleased to support Red Hat today in the launch of the Red Hat Marketplace, Red Hat Marketplace is an open cloud marketplace for enterprise customers to discover, try, purchase, deploy, and manage certified container-based software across environments—public and private, cloud and on-premises. Through the marketplace, customers can take advantage of responsive support, streamlined […]

PCI Compliance in the Cloud: File Integrity Monitoring and Workload Auditing

Posted on by Mike Shinn

This is part 3 of a 7-part series about PCI DSS compliance in the cloud. How to Support Continuous PCI Compliance with Workload Auditing and SIM/FIM    PCI requires organizations to conduct “continuous compliance” on all systems touching cardholder data, rather than just annual PCI audits.  SIM and FIM technologies detect changes to the workload, […]

Posted in Uncategorized | Comments Off on PCI Compliance in the Cloud: File Integrity Monitoring and Workload Auditing

Security State: The Invisible Condition That Impacts Your PCI

Posted on by Mike Shinn

This is part 2 of a 7-part series on PCI compliance in the cloud. Most businesses have assets in their environments that they aren’t aware exist. For instance, if a virtual machine is de-provisioned in the cloud environment, its file system may still live on − unprotected, unaudited, and but still inside the scope of […]

Who’s Responsible for PCI Compliance of Your Cloud Workload

Posted on by Mike Shinn

  This is part 1 of seven-part series on achieving PCI compliance in the cloud.   Shared Responsibility isn’t as easy as it sounds When businesses sign a service level agreement with a cloud provider, they may believe the provider will protect everything in their cloud− infrastructure and applications alike.  But in each contract there is […]

Podcast: What is OSSEC and Why People Use It

Posted on by Mike Shinn

OSSEC, which is short for open source security, was founded in 2004. It is an open source project for cybersecurity and delivers the most robust endpoint detection and response (EDR) capabilities available to enterprises today. Scott Shinn, OSSEC project manager, introduced its most recent update to 3.0 at the OSSEC conference this past April. In […]

What the Capital One Breach Shows Us About Cloud Workload Protection

Posted on by Mike Shinn

What happened?  Many of us woke up to the news that the data of 100 million people were exposed when Capital One’s Amazon servers were breached by Seattle-based hacker.   While information about the specifics of the breach may never be known by the public, this staggering data loss is exceptionally instructive for organizations moving critical […]

Improving OSSEC Manageability, Security, and Compliance with Atomic Enterprise OSSEC

Posted on by Mike Shinn

With more than 500,000 downloads per year and hundreds of thousands of active installs, OSSEC is the world’s most widely used open source host-based intrusion detection system (HIDS).  OSSEC is used by organizations in virtually every industry and geography to meet critical security and compliance requirements both on-premise and in the cloud. The open source […]

Podcast: What the Equifax Hack Tells Us About Cybersecurity

Posted on by Mike Shinn

The Equifax data breach quickly arose to become one of the most notorious in history. It was large. Over 147 million people had their financial records exposed to hackers. At least as of March 2018 that was the number. It has been revised upward a number of times and there could be more. The data […]

Podcast: What is a WAF and How Are They Different from Firewalls

Posted on by Mike Shinn

Web application firewalls (WAFs) have become ubiquitous in our always connected, cloud-driven world. Any device that is exposed to the internet is vulnerable and WAFs can eliminate the risk of entire classes of attacks and vulnerabilities from ever threatening system security. However, not all WAFs and configurations are created equal. Good WAFs block what you […]

Podcast: OSSEC, SIEM and Log-based Intrusion Detection Systems

Posted on by Mike Shinn

Atomicorp’s CEO Mike Shinn walks through his experience with logging, SIEM and OSSEC approaches. He breaks down what is important and how the logging space has evolved over the past 20 years from a security perspective, including the introduction of security automation. Log-based Intrusion Detection System – LIDS Log-based intrusion detection (LIDS) was one of […]