Operational technology (OT) outages can disrupt our everyday physical lives, impacting equipment at large-scale power plants, traffic lights, patient care equipment, and manufacturers and distributors meeting demand. The more critical the OT’s function, the more devastating the impact of an attack or outage. OT cyberthreats don’t go away just because your industrial control system (ICS), […]
Don’t leave your legacy or end of life (EOL) systems exposed due to a false sense of security or misconception that security software and service are no longer available for the platform. AIX and Solaris have become legacy platforms; many cybersecurity vendors have dropped support for these OSs, especially the end of life (EOL) versions—or […]
Atomic OSSEC SIEM collects, distills and analyzes severity-based threat, vulnerability, and FIM events, and other indicators of attack. A security information and event management (SIEM) system is only as good as the quality of information it provides. Too many alerts and too many data points can result in mountains of data for security engineers, analysts, […]
Continue to meet FedRAMP security control requirements, amid uncertainty, with Atomicorp NIST 800-171 compliance solutions. The U.S. Federal Risk and Authorization Management Program (FedRAMP) codifies and standardizes the security required by cloud service providers in protecting federal unclassified information. FedRAMP security controls define the standards by which federal agencies and third-party assessors measure and assess […]
(Facilitate NIST 800-171 and ISO 27001 compliance with the NIST 800-171 security controls in Atomic OSSEC, the most advanced version of OSSEC HIDS.) NIST Special Publication (SP) 800-171 is a security compliance guideline that primarily affects government contractors and suppliers to the DoD. Federal agencies require NIST 800-171 adherence in contractual agreements with nonfederal organizations […]
PCI DSS Version 4.0 Deadline: March 31, 2025 Payment Card Industry Data Security Standard, version 4.0 (i.e., PCI DSS v.4.0), is effective March 31, 2025. Organizations intending to remain in compliance with Payment Card Industry credit card data protection requirements must be transitioned to the new PCI Data Security Standard, version 4.0 by this date. […]
By Scott Shinn A file integrity monitoring (FIM) system performs the crucial role of detecting system and file changes and determining the who, what, and where. FIM is a requirement of many security and privacy system integrity (SI) standards and regulations and an early warning system for when an intruder or malware strikes. File integrity […]
By Scott Shinn Detect, analyze and respond to changes to computing systems and other signs of intruder activity with log-based IDS and XDR, including file integrity monitoring (FIM), from Atomicorp. Atomic OSSEC is an extended detection and response (XDR) system that addresses six key information security and compliance functional areas: log-based intrusion detection, file integrity […]
Employ real time file integrity monitoring (FIM) to meet always-on security requirements as well as data protection compliance standards such as PCI DSS. Cyberattacks can be sneaky fast, executing their programs, altering your files and source code, and deleting traces of the activity. Many file integrity monitoring (FIM) programs run on a timer based model, […]
By Scott Shinn Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]
