What happened? Many of us woke up to the news that the data of 100 million people were exposed when Capital One’s Amazon servers were breached by Seattle-based hacker. While information about the specifics of the breach may never be known by the public, this staggering data loss is exceptionally instructive for organizations moving critical […]
Most every IT organization has wrestled with achieving regulatory compliance, meeting auditors requirements, and reporting to management and other stakeholders. Moving workloads to the cloud introduces new wrinkles to an already thorny set of problems. For organizations moving to the Amazon cloud, it’s critical that they understand their new and changing issues and responsibilities associated […]
With more than 500,000 downloads per year and hundreds of thousands of active installs, OSSEC is the world’s most widely used open source host-based intrusion detection system (HIDS). OSSEC is used by organizations in virtually every industry and geography to meet critical security and compliance requirements both on-premise and in the cloud. The open source […]
Moving to the cloud presents a host of security and compliance responsibilities for enterprise security and IT teams. While cloud providers handle hardware and infrastructure, cloud workloads themselves must be secured by the enterprise. Traditional on-premise controls and network security don’t work in the perimeter-less virtual environment of the public cloud. OSSEC offers a free […]
Cyber Security Red Teams have become a common tool for testing enterprise cyber security. They attempt to penetrate security defenses as if they were hackers. Red Teams are motivated to be creative and determine the best way to circumvent security measures in place, sometimes by any means possible. Mike has been red teaming since the […]
Why do hackers want to break in? It’s a question that has been asked in lots of different ways. From why would they want to? Why would they care? And this is a really good question to ask yourself and to try and understand because often times people tend to look at what they’re protecting […]
Virtual patching is a way of implementing a security policy to eliminate or mitigate a vulnerability. It is not actually patching, but is a way to do something quick and external to the application. Why not just use a patch? Sometimes there is no patch available and other times speed is of the essence. And, […]
SQL Injection Attacks are a method for taking advantage of flaws in the way an application is written. In particular, they exploit application vulnerabilities that offer direct access to databases. Mike Shinn, CEO of Atomicorp, has employed SQL injections in cyber security Red Team exercises and built countermeasures that defend against them. In this week’s […]
The Common Vulnerabilities and Exposures (CVE) system is a critical tool for the cybersecurity industry. CVEs provide consistency in naming and clarity on the nature and impact of various vulnerabilities. In this week’s Linux Security Podcast, Atomicorp CEO Mike Shinn discusses the origin and management of the CVE process, how it’s used by cybersecurity professionals […]
The Efail vulnerability has been in the news and has many people rushing to remove encryption from their email clients. The security vulnerability does impact S/MIME and PGP users, but only a subset. That means a lot of people are removing encryption from their email unnecessarily and putting themselves at risk. Atomicorp CEO Mike Shinn […]