Atomicorp is pleased to support Red Hat today in the launch of the Red Hat Marketplace, Red Hat Marketplace is an open cloud marketplace for enterprise customers to discover, try, purchase, deploy, and manage certified container-based software across environments—public and private, cloud and on-premises. Through the marketplace, customers can take advantage of responsive support, streamlined […]
This is part 3 of a 7-part series about PCI DSS compliance in the cloud. How to Support Continuous PCI Compliance with Workload Auditing and SIM/FIM PCI requires organizations to conduct “continuous compliance” on all systems touching cardholder data, rather than just annual PCI audits. SIM and FIM technologies detect changes to the workload, […]
This is part 2 of a 7-part series on PCI compliance in the cloud. Most businesses have assets in their environments that they aren’t aware exist. For instance, if a virtual machine is de-provisioned in the cloud environment, its file system may still live on − unprotected, unaudited, and but still inside the scope of […]
This is part 1 of seven-part series on achieving PCI compliance in the cloud. Shared Responsibility isn’t as easy as it sounds When businesses sign a service level agreement with a cloud provider, they may believe the provider will protect everything in their cloud− infrastructure and applications alike. But in each contract there is […]
OSSEC, which is short for open source security, was founded in 2004. It is an open source project for cybersecurity and delivers the most robust endpoint detection and response (EDR) capabilities available to enterprises today. Scott Shinn, OSSEC project manager, introduced its most recent update to 3.0 at the OSSEC conference this past April. In […]
What happened? Many of us woke up to the news that the data of 100 million people were exposed when Capital One’s Amazon servers were breached by Seattle-based hacker. While information about the specifics of the breach may never be known by the public, this staggering data loss is exceptionally instructive for organizations moving critical […]
With more than 500,000 downloads per year and hundreds of thousands of active installs, OSSEC is the world’s most widely used open source host-based intrusion detection system (HIDS). OSSEC is used by organizations in virtually every industry and geography to meet critical security and compliance requirements both on-premise and in the cloud. The open source […]
Cyber Security Red Teams have become a common tool for testing enterprise cyber security. They attempt to penetrate security defenses as if they were hackers. Red Teams are motivated to be creative and determine the best way to circumvent security measures in place, sometimes by any means possible. Mike has been red teaming since the […]
Why do hackers want to break in? It’s a question that has been asked in lots of different ways. From why would they want to? Why would they care? And this is a really good question to ask yourself and to try and understand because often times people tend to look at what they’re protecting […]
Virtual patching is a way of implementing a security policy to eliminate or mitigate a vulnerability. It is not actually patching, but is a way to do something quick and external to the application. Why not just use a patch? Sometimes there is no patch available and other times speed is of the essence. And, […]