Atomicorp Continues Commitment to ModSecurity Rules Software, Service and Expertise as Trustwave ‘Sunsets’ ModSec Support

CHANTILLY, Va., Nov. 23, 2021 / – Atomicorp, an endpoint and cloud workload protection vendor, today announced an ongoing commitment to provide commercial support for ModSecurity users, including subscription rule sets and professional support. ModSecurity, an open source web application firewall (WAF) that organizations use to protect web applications and sites from web attacks, has […]

Atomic ModSecurity Rules and Expertise for Web Hosting and Enterprise Web Assets

Growing Web Applications Require DevSecOps Shift: ModSec Can Help Web-based attacks, such as credential theft, code injection, SQLi, XSS, CSRF, malware, ransomware, denial of service (DoS) and others make digital transformation and cloud migration a potential losing trade-off. With every additional internet- and cloud-based app or connection comes new unknown vulnerabilities and risks to operations. […]

How to Use OSSEC to Comply With NIST 800-171, A Real-World Use Case

Written By Paul Veeneman, CISSP, CISM, CRISC, CMMC-RP During Atomicorp OSSEC Conference 2021, Paul Veeneman, CISSP, CISM, CRISC, CMMC-RP, described how he solves audit and accountability (AU) control and other compliance challenges in NIST 800-171. Complying With NIST-800-171 NIST 800-171 provides guidance to federal agencies to safeguard controlled unclassified information (CUI), and seeks to establish […]

Always Check the Spark Plug and Other Lessons in Cybersecurity

Rule 1: First check the spark plugs! It’s a lesson my brother, Scott, and I learned as young men decades ago in high school. It’s something we even painted on the wall of our parents’ garage.  And it’s an idea that’s been applicable in our work in software development and cybersecurity ever since. The principle […]

Tune In to OSSEC Conference 2021 – Featuring FIM, the Hottest Hits (Rust), and the Golden Oldies (AIX, HP-UX, Solaris, Windows End of Life)

Webcasts and videos continue to bolster skills (watch this ‘hands-on’ professional… take an online guitar lesson, see how to fix your boat’s motor…), and it is no different in cybersecurity. Join Atomicorp and technology partners for OSSEC Conference 2021, where, in a four-day virtual conference, Open Source Security (OSSEC) will be discussed, analyzed, practiced, and […]

How to Reduce False Positives and False Negatives Using OSSEC FIM

There is no such thing as perfect security. Therefore, having robust detection capabilities is key to determining if you have been hit with a cyber attack that evaded your protection capabilities. One of the most important detection and compliance capabilities today, file integrity monitoring (FIM) provides the ability to detect signs of intrusion or improper […]

Dig Into FIM, ModSec, DevSecOps, and Secure Kubernetes at Atomicorp OSSEC Conference 2021

Practice FIM, Web Application Protection, DevSecOps, Kubernetes Troubleshooting— Topics such as file integrity monitoring (FIM), ModSecurity web application security, securing Kubernetes, and the importance of security in DevOps will be explored during Atomicorp’s OSSEC Conference 2021, a four-day virtual conference, Tuesday, Oct. 19 through Friday, Oct. 22. OSSEC Conference 2021 consists of two full days […]

File Integrity Monitoring (FIM) Tools and HIDS – the Foundation for Security and Compliance in a Cloudy World

File integrity monitoring (FIM) tools and a host-based intrusion detection system (HIDS) are the foundation for security and compliance, including NIST, PCI-DSS, GDPR, and more. HIDS (host-based intrusion detection system) is a security system that monitors the computing devices on which it is installed, the traffic between devices, the containers on the device, and that […]

Defend Against Monster Web Attacks With Atomic WAF (Web Application Firewall) and Atomic ModSecurity Rules

Monster of the Week; ModSecurity Rules and WAF to the Rescue Thar be monsters. Crimes are increasingly digital, with tens of thousands of websites getting hacked every day, on average. Malware can spread from there, infecting customers and members of the business supply chain. You know about the SolarWinds and Colonial Pipeline hacks, but there […]

FIM and Four Pillars for Zero Trust Architectures – a ZTA Whitepaper

Cybersecurity Executive Order Demands Zero Trust Zero trust is a hot button of the 2021 Cybersecurity Executive Order, and not surprising. As the SolarWinds and Colonial Pipeline hacks illustrated, devices and sensitive systems are getting compromised through deceptive practices such as ransomware and the compromising of code assumed to be trusted. In response to these […]