By Scott Shinn (Are your AIX servers safe against advanced persistent threats? Boost AIX server security and block lateral movement into Windows and Linux environments—with Atomicorp.) The AIX Server Hack in Review AIX is a venerable operating system still employed by an estimated tens of thousands of global organizations, including many Fortune 500 companies. It […]
By Dean Lombardo What is malware memory analysis? This article explores the important role of malware memory analysis in fileless malware detection. Hackers and malware programs don’t need files to infect your computer systems. They can inject malicious code directly into system memory, often after tricking a user into clicking on an attachment or link. […]
By Scott Shinn A file integrity monitoring (FIM) system performs the crucial role of detecting system and file changes and determining the who, what, and where. FIM is a requirement of many security and privacy system integrity (SI) standards and regulations and an early warning system for when an intruder or malware strikes. File integrity […]
By Scott Shinn The recent CrowdStrike-caused BSOD outage on Microsoft systems has pulled focus on an ordinary but critical process: Extensive testing before rolling out software widely. What happened in the CrowdStrike outage? A bug in a CrowdStrike update has resulted in a global tech disruption for much of the airline industry as well as […]
By Scott Shinn Detect, analyze and respond to changes to computing systems and other signs of intruder activity with log-based IDS and XDR, including file integrity monitoring (FIM), from Atomicorp. Atomic OSSEC is an extended detection and response (XDR) system that addresses six key information security and compliance functional areas: log-based intrusion detection, file integrity […]
Employ real time file integrity monitoring (FIM) to meet always-on security requirements as well as data protection compliance standards such as PCI DSS. Cyberattacks can be sneaky fast, executing their programs, altering your files and source code, and deleting traces of the activity. Many file integrity monitoring (FIM) programs run on a timer based model, […]
By Scott Shinn Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]
OSSEC, which is short for open source security, was founded in 2004. It is an open source project for cybersecurity and delivers the most robust endpoint detection and response (EDR) capabilities available to enterprises today. Scott Shinn, OSSEC project manager, introduced its most recent update to 3.0 at the OSSEC conference this past April. In […]
Moving to the cloud presents a host of security and compliance responsibilities for enterprise security and IT teams. While cloud providers handle hardware and infrastructure, cloud workloads themselves must be secured by the enterprise. Traditional on-premise controls and network security don’t work in the perimeter-less virtual environment of the public cloud. OSSEC offers a free […]
Atomicorp’s CEO Mike Shinn walks through his experience with logging, SIEM and OSSEC approaches. He breaks down what is important and how the logging space has evolved over the past 20 years from a security perspective, including the introduction of security automation. Log-based Intrusion Detection System – LIDS Log-based intrusion detection (LIDS) was one of […]