Monster of the Week; ModSecurity Rules and WAF to the Rescue Thar be monsters. Crimes are increasingly digital, with tens of thousands of websites getting hacked every day, on average. Malware can spread from there, infecting customers and members of the business supply chain. You know about the SolarWinds and Colonial Pipeline hacks, but there […]
Cybersecurity Executive Order Demands Zero Trust Zero trust is a hot button of the 2021 Cybersecurity Executive Order, and not surprising. As the SolarWinds and Colonial Pipeline hacks illustrated, devices and sensitive systems are getting compromised through deceptive practices such as ransomware and the compromising of code assumed to be trusted. In response to these […]
(Federal agencies are challenged to protect legacy systems while complying with FISMA secure modernization. Atomicorp brings the best of both worlds for protecting existing and modernized hybrid architecture.) Nearly every organization employs a favorite old system or way of doing something, and agencies in the government and the Department of Defense are no different. We […]
“What is advanced FIM – file integrity monitoring? Leading FIM tools all inspect more than just files, they detect threats, prompt rapid response, and provide a foundation for compliance.” When there’s turnover and shortage of training, skills or personnel, companies turn to software, SaaS, and process automation from the cloud to help them run, manage […]
(File integrity monitoring tools are crucial for meeting security and compliance requirements, but they’re also critical to answering the most important question when something happens: What changed? The following blog and FIM whitepaper explore compliance challenges and empowering agents such as FIM.) Compliance challenges. Manually going through logs. Auditing. Tired human eyes missing evidence of […]
What is a workload? Among non-techy or more traditional sorts, ‘workload’ means the things we have on our plates, those things we must attend to or accomplish. But workload has a more modern meaning in the context of computing disciplines such as compute/analyze/store, cloud workload automation, cloud workload protection/cloud workload security, and an enigmatic thing […]
Anything that touches anything else that touches cardholder data is part of your state of security and must be included in your security program. The following blog discusses the importance of PCI compliance, how… with clouds forming… visibility and secure control can get lost, and what you can do about it. What is PCI and […]
An open source DevSecOps approach enables small to midsize enterprises to keep pace with security threats as digital business expands. Atomic OSSEC intrusion detection and Atomic Protector cloud workload protection solutions reflect this open source DevSecOps approach, helping small IT teams to rapidly secure the services and apps they must deliver. Cyber-attacks are getting increasingly […]
OSSEC users can deploy security capabilities like file integrity monitoring and host-based intrusion detection system (HIDS) faster and get fuller value via an Atomic OSSEC SaaS model. Atomicorp now offers its Atomic OSSEC security platform through an easy software as a service (SaaS) delivery model. Offering Atomic OSSEC via SaaS provides customers with a number […]
DevSecOps… it’s just another buzzword, isn’t it? *** Bzzzzz… Business Transformation. Digital Transformation. Infrastructure Modernization. The cloud and software as a service (SaaS). Virtualization and abstraction. Turnkey automation and orchestration Edge computing. VMs and containers. DevOps. Do more with less. WIth all this buzz and transformation, the security function risks falling behind. But security has […]