File integrity monitoring (FIM) tools and a host-based intrusion detection system (HIDS) are the foundation for security and compliance, including NIST, PCI-DSS, GDPR, and more. HIDS (host-based intrusion detection system) is a security system that monitors the computing devices on which it is installed, the traffic between devices, the containers on the device, and that […]
Monster of the Week; ModSecurity Rules and WAF to the Rescue Thar be monsters. Crimes are increasingly digital, with tens of thousands of websites getting hacked every day, on average. Malware can spread from there, infecting customers and members of the business supply chain. You know about the SolarWinds and Colonial Pipeline hacks, but there […]
Cybersecurity Executive Order Demands Zero Trust Zero trust is a hot button of the 2021 Cybersecurity Executive Order, and not surprising. As the SolarWinds and Colonial Pipeline hacks illustrated, devices and sensitive systems are getting compromised through deceptive practices such as ransomware and the compromising of code assumed to be trusted. In response to these […]
Federal Information Processing Standard 140-2 (FIPS 140-2) is a requirement for U.S. government organizations and contractors, a government security mandate designed to evaluate and approve encryption solutions serving the federal supply chain. It calls for security by a cryptographic module, and employs a security accreditation program for assessing private sector company security solution capabilities against […]
Your security systems can’t stop an attack unless they detect there is one, making file integrity monitoring (FIM), or the ability to automatically track changes to the environment, crucial in detection and prevention. This detection needs to be not only fast but deep enough to stop the likes of the SolarWinds Sunburst attack, which leveraged […]
(Federal agencies are challenged to protect legacy systems while complying with FISMA secure modernization. Atomicorp brings the best of both worlds for protecting existing and modernized hybrid architecture.) Nearly every organization employs a favorite old system or way of doing something, and agencies in the government and the Department of Defense are no different. We […]
(Venerable legacy systems such as AIX and Solaris require a flexible endpoint protection solution to enable architects to manage secure hybrid cloud architectures.) What are the challenges of maintaining legacy systems? You know, when the rest of the IT landscape is changing to newer makes and models but your own equipment or software is not […]
“The VPN is dying.” “The VPN is dead.” “The death of the VPN!” “Wait, I still use a VPN for that.” “Long live the VPN.” You’ve heard it all countless times before. The headlines have been cyclical, copious and dogmatic over more than two decades, like a cosmic loop of inevitable banter about the weather. […]
“What is advanced FIM – file integrity monitoring? Leading FIM tools all inspect more than just files, they detect threats, prompt rapid response, and provide a foundation for compliance.” When there’s turnover and shortage of training, skills or personnel, companies turn to software, SaaS, and process automation from the cloud to help them run, manage […]
(The cloud poses a host of data compliance challenges, including lack of visibility, confusion over whose responsibility it is to protect data, and the lack of an ideal standard compliance architecture. What’s needed is cloud compliance tools and a platform for security and compliance.) The cloud allows organizations to abstract core parts of their businesses, […]