Why DevSecOps Is a Timely Discipline

DevSecOps… it’s just another buzzword, isn’t it? *** Bzzzzz… Business Transformation. Digital Transformation. Infrastructure Modernization. The cloud and software as a service (SaaS). Virtualization and abstraction. Turnkey automation and orchestration Edge computing. VMs and containers. DevOps. Do more with less. WIth all this buzz and transformation, the security function risks falling behind. But security has […]

Free ModSecurity Rules From Leading OSSEC Provider

Free ModSecurity Rules provide 100s of rules and basic tools to protect your web application infrastructure and limit false positives. Leveraging our Free ModSecurity Rules provides a starting foundation for threat detection and response, always-on protection, automated tasks, reporting, and compliance. Why ModSecurity? Attack surfaces continue to expand and cyber adversaries are going after the […]

With File Integrity Monitoring, Visibility, Control and Compliance Don’t Have to Be Lost in the Cloud

By Atomicorp IT infrastructure abstraction to the Internet and cloud, while allowing you to roll out applications faster, comes with a cost. It dims your visibility and control over the full scope of your server and desktop environments, applications, files and containers. For today’s digital security and compliance reality you need file integrity monitoring. You […]

Lessons (and Defenses) Learned From the SolarWinds ‘Sunburst/Dark Halo’ Hack)

The widely reported December 2020 hack of the SolarWinds Orion network performance monitoring system employed a sophisticated series of takeover steps that included backdoors, expired domains, the use of Orion itself as a vector, compromised credentials, and malware implants, all to steal data and compromise systems. The attack, referred to as Sunburst, Sunburst Backdoor, and […]

How to Defend Against Lateral Movement in Windows With OSSEC

You may have started to see greater usage of the term “lateral movement” with regards to cyber attacks. Long a directional and network traffic term, lateral movement now commonly means unauthorized connection and sharing of files between two or more internal endpoints. While an initial breach usually comes from the outside, lateral movement occurs when […]

5 Attack Methods Continuing Into 2021 and What You Can Do About Them

The 2020 pandemic, which undoubtedly will extend into 2021, has stretched the network. Work at home, once taboo by some stern and stodgy organizations, is now a reality and computing networks have had to become more distributed to support distant employees. Phase 1 of the pandemic was about getting connectivity out; harnessing the internet and […]

Why File Integrity Monitoring and Shift-Left Security Are Crucial for Container Environments

Since ancient times, attacks have come under the guise of gifts and other wrapped packages. In today’s digital landscape, Trojan horses, malware and social engineering attacks fool human employees and machines, in order to spy, spread malice, or siphon financial data and money. Files can also get corrupted and then penetrate your digital inventory and […]

Continuing Our Open Source Commitment through Red Hat OpenShift

Atomicorp is pleased to support Red Hat today in the launch of the Red Hat Marketplace, Red Hat Marketplace is an open cloud marketplace for enterprise customers to discover, try, purchase, deploy, and manage certified container-based software across environments—public and private, cloud and on-premises. Through the marketplace, customers can take advantage of responsive support, streamlined […]

Announcing OSSEC Virtual Con2020

Wednesday, June 24 & Thursday, June 25 Atomicorp is proud to host a fully virtual conference on Wednesday, June 24 and Thursday, June 25. The virtual conference is open to the OSSEC community to share technical insights, lessons learned, and best practices for OSSEC. See Full Schedule   Day 1 – Conference Sessions Conference topics […]

Atomicorp & Intensity Analytics Collaborate to Deliver Identity Assurance Compliance Across Platforms

Atomicorp’s cloud and server security and compliance systems now work with Intensity Analytics’ TickStream.Key.ID to red flag potential account compromises which automatically trigger suspicious activity alerts and support an adaptive security model. In addition, TickStream.Key.ID provides improved visibility into and accountability for privileged access accounts to protect against insider threats. Atomicorp’s products enable customers to […]