Atomic OSSEC SIEM collects, distills and analyzes severity-based threat, vulnerability, and FIM events, and other indicators of attack. A security information and event management (SIEM) system is only as good as the quality of information it provides. Too many alerts and too many data points can result in mountains of data for security engineers, analysts, […]
Continue to meet FedRAMP security control requirements, amid uncertainty, with Atomicorp NIST 800-171 compliance solutions. The U.S. Federal Risk and Authorization Management Program (FedRAMP) codifies and standardizes the security required by cloud service providers in protecting federal unclassified information. FedRAMP security controls define the standards by which federal agencies and third-party assessors measure and assess […]
(Facilitate NIST 800-171 and ISO 27001 compliance with the NIST 800-171 security controls in Atomic OSSEC, the most advanced version of OSSEC HIDS.) NIST Special Publication (SP) 800-171 is a security compliance guideline that primarily affects government contractors and suppliers to the DoD. Federal agencies require NIST 800-171 adherence in contractual agreements with nonfederal organizations […]
PCI DSS Version 4.0 Deadline: March 31, 2025 Payment Card Industry Data Security Standard, version 4.0 (i.e., PCI DSS v.4.0), is effective March 31, 2025. Organizations intending to remain in compliance with Payment Card Industry credit card data protection requirements must be transitioned to the new PCI Data Security Standard, version 4.0 by this date. […]
Open source WAF ModSecurity downloads are available from Atomicorp, which also offers ModSecurity support. ModSecurity Download for Resellers and Web Hosting Managers For many organizations, the future of ModSecurity for web application security became uncertain following Trustwave’s 2021 decision to no longer develop and provide ModSecurity support. In this void, long-time ModSecurity Rules provider Atomicorp […]
Zero trust principles shouldn’t only be applied to the untrusted internet and traffic from the web. The security perimeter—no matter how dynamic—isn’t foolproof and can be breached and bad actors can get inside in a number of ways. Be able to stop a threat that has already penetrated your core by filtering east-to-west traffic and […]
Atomic ModSecurity Rules and Atomic WAF filter traffic between your web servers, web connections and the internet, blocking known malicious sources, sites and users, while supporting secure access for authentic connection points and users. Learn More Web-Based Bombardment Requires Continuous WAF Enhancement Inbound traffic from the internet represents the most frequent source of onslaught upon […]
By Scott Shinn (Are your AIX servers safe against advanced persistent threats? Boost AIX server security and block lateral movement into Windows and Linux environments—with Atomicorp.) The AIX Server Hack in Review AIX is a venerable operating system still employed by an estimated tens of thousands of global organizations, including many Fortune 500 companies. It […]
By Dean Lombardo What is malware memory analysis? This article explores the important role of malware memory analysis in fileless malware detection. Hackers and malware programs don’t need files to infect your computer systems. They can inject malicious code directly into system memory, often after tricking a user into clicking on an attachment or link. […]
By Scott Shinn A file integrity monitoring (FIM) system performs the crucial role of detecting system and file changes and determining the who, what, and where. FIM is a requirement of many security and privacy system integrity (SI) standards and regulations and an early warning system for when an intruder or malware strikes. File integrity […]