A ModSec answer to the void after Trustwave ends new features and eventual support for ModSecurity Rules

Posted on by Mike Shinn

As you may have read, on August 21, 2021, Trustwave, a longtime support mechanism for ModSecurity implementations, announced the end of support and development for ModSecurity Rules and WAF solutions. This departure leaves a potential gap in technical support for organizations or individual security developers wanting to continue to use the ModSecurity foundation and a […]

Atomic ModSecurity Rules and Expertise for Web Hosting and Enterprise Web Assets

Posted on by Mike Shinn

Growing Web Applications Require DevSecOps Shift: ModSec Can Help Web-based attacks, such as credential theft, code injection, SQLi, XSS, CSRF, malware, ransomware, denial of service (DoS) and others make digital transformation and cloud migration a potential losing trade-off. With every additional internet- and cloud-based app or connection comes new unknown vulnerabilities and risks to operations. […]

Always Check the Spark Plug and Other Lessons in Cybersecurity

Posted on by Mike Shinn

Rule 1: First check the spark plugs! It’s a lesson my brother, Scott, and I learned as young men decades ago in high school. It’s something we even painted on the wall of our parents’ garage.  And it’s an idea that’s been applicable in our work in software development and cybersecurity ever since. The principle […]

Tune In to OSSEC Conference 2021 – Featuring FIM, the Hottest Hits (Rust), and the Golden Oldies (AIX, HP-UX, Solaris, Windows End of Life)

Posted on by Mike Shinn

Webcasts and videos continue to bolster skills (watch this ‘hands-on’ professional… take an online guitar lesson, see how to fix your boat’s motor…), and it is no different in cybersecurity. Join Atomicorp and technology partners for OSSEC Conference 2021, where, in a four-day virtual conference, Open Source Security (OSSEC) will be discussed, analyzed, practiced, and […]

File Integrity Monitoring (FIM) Tools and HIDS – the Foundation for Security and Compliance in a Cloudy World

Posted on by Mike Shinn

File integrity monitoring (FIM) tools and a host-based intrusion detection system (HIDS) are the foundation for security and compliance, including NIST, PCI-DSS, GDPR, and more. HIDS (host-based intrusion detection system) is a security system that monitors the computing devices on which it is installed, the traffic between devices, the containers on the device, and that […]

Defend Against Monster Web Attacks With Atomic WAF (Web Application Firewall) and Atomic ModSecurity Rules

Posted on by Mike Shinn

Monster of the Week; ModSecurity Rules and WAF to the Rescue Thar be monsters. Crimes are increasingly digital, with tens of thousands of websites getting hacked every day, on average. Malware can spread from there, infecting customers and members of the business supply chain. You know about the SolarWinds and Colonial Pipeline hacks, but there […]

FIM and Four Pillars for Zero Trust Architectures – a ZTA Whitepaper

Posted on by Mike Shinn

Cybersecurity Executive Order Demands Zero Trust Zero trust is a hot button of the 2021 Cybersecurity Executive Order, and not surprising. As the SolarWinds and Colonial Pipeline hacks illustrated, devices and sensitive systems are getting compromised through deceptive practices such as ransomware and the compromising of code assumed to be trusted. In response to these […]

Secure Modernization vs. Legacy Systems? FISMA, Government and the DoD

Posted on by Mike Shinn

(Federal agencies are challenged to protect legacy systems while complying with FISMA secure modernization. Atomicorp brings the best of both worlds for protecting existing and modernized hybrid architecture.) Nearly every organization employs a favorite old system or way of doing something, and agencies in the government and the Department of Defense are no different.  We […]

Six Ways to Employ FIM Toward Security and Compliance

Posted on by Mike Shinn

“What is advanced FIM – file integrity monitoring? Leading FIM tools all inspect more than just files, they detect threats, prompt rapid response, and provide a foundation for compliance.”  When there’s turnover and shortage of training, skills or personnel, companies turn to software, SaaS, and process automation from the cloud to help them run, manage […]

Meet PCI-DSS and Compliance Requirements With File Integrity Monitoring Tools (FIM) From Atomicorp

Posted on by Mike Shinn

(File integrity monitoring tools are crucial for meeting security and compliance requirements, but they’re also critical to answering the most important question when something happens: What changed? The following blog and FIM whitepaper explore compliance challenges and empowering agents such as FIM.) Compliance challenges. Manually going through logs. Auditing. Tired human eyes missing evidence of […]