Atomic OSSEC SIEM collects, distills and analyzes severity-based threat, vulnerability, and FIM events, and other indicators of attack. A security information and event management (SIEM) system is only as good as the quality of information it provides. Too many alerts and too many data points can result in mountains of data for security engineers, analysts, […]
(Facilitate NIST 800-171 and ISO 27001 compliance with the NIST 800-171 security controls in Atomic OSSEC, the most advanced version of OSSEC HIDS.) NIST Special Publication (SP) 800-171 is a security compliance guideline that primarily affects government contractors and suppliers to the DoD. Federal agencies require NIST 800-171 adherence in contractual agreements with nonfederal organizations […]
Zero trust principles shouldn’t only be applied to the untrusted internet and traffic from the web. The security perimeter—no matter how dynamic—isn’t foolproof and can be breached and bad actors can get inside in a number of ways. Be able to stop a threat that has already penetrated your core by filtering east-to-west traffic and […]
By Dean Lombardo What is malware memory analysis? This article explores the important role of malware memory analysis in fileless malware detection. Hackers and malware programs don’t need files to infect your computer systems. They can inject malicious code directly into system memory, often after tricking a user into clicking on an attachment or link. […]