Employ real time file integrity monitoring (FIM) to meet always-on security requirements as well as data protection compliance standards such as PCI DSS. Cyberattacks can be sneaky fast, executing their programs, altering your files and source code, and deleting traces of the activity. Many file integrity monitoring (FIM) programs run on a timer based model, […]
By Scott Shinn Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]
Comprising more than half of all cyberattacks, file-based attacks (.DOCX, .pdf, etc.) enable malware to spread into other files and across different systems. These attacks can be sophisticated, able to use deception to take path-traversal courses to get at sensitive data or spread silently, closing portals and deleting files behind them to hide their presence. […]
Atomicorp’s cloud and server security and compliance systems now work with Intensity Analytics’ TickStream.Key.ID to red flag potential account compromises which automatically trigger suspicious activity alerts and support an adaptive security model. In addition, TickStream.Key.ID provides improved visibility into and accountability for privileged access accounts to protect against insider threats. Atomicorp’s products enable customers to […]
This is part 2 of a 7-part series on PCI compliance in the cloud. Most businesses have assets in their environments that they aren’t aware exist. For instance, if a virtual machine is de-provisioned in the cloud environment, its file system may still live on − unprotected, unaudited, and but still inside the scope of […]
This is part 1 of seven-part series on achieving PCI compliance in the cloud. Shared Responsibility isn’t as easy as it sounds When businesses sign a service level agreement with a cloud provider, they may believe the provider will protect everything in their cloud− infrastructure and applications alike. But in each contract there is […]