Continuing Our Open Source Commitment through Red Hat OpenShift

Posted on by Mike Shinn

Atomicorp is pleased to support Red Hat today in the launch of the Red Hat Marketplace, Red Hat Marketplace is an open cloud marketplace for enterprise customers to discover, try, purchase, deploy, and manage certified container-based software across environments—public and private, cloud and on-premises. Through the marketplace, customers can take advantage of responsive support, streamlined […]

Announcing OSSEC Virtual Con2020

Posted on by Justin Countiss

Wednesday, June 24 & Thursday, June 25 Atomicorp is proud to host a fully virtual conference on Wednesday, June 24 and Thursday, June 25. The virtual conference is open to the OSSEC community to share technical insights, lessons learned, and best practices for OSSEC. See Full Schedule   Day 1 – Conference Sessions Conference topics […]

PCI Compliance in the Cloud: File Integrity Monitoring and Workload Auditing

Posted on by Mike Shinn

This is part 3 of a 7-part series about PCI DSS compliance in the cloud. How to Support Continuous PCI Compliance with Workload Auditing and SIM/FIM    PCI requires organizations to conduct “continuous compliance” on all systems touching cardholder data, rather than just annual PCI audits.  SIM and FIM technologies detect changes to the workload, […]

Posted in Uncategorized | Comments Off on PCI Compliance in the Cloud: File Integrity Monitoring and Workload Auditing

Security State: The Invisible Condition That Impacts Your PCI

Posted on by Mike Shinn

This is part 2 of a 7-part series on PCI compliance in the cloud. Most businesses have assets in their environments that they aren’t aware exist. For instance, if a virtual machine is de-provisioned in the cloud environment, its file system may still live on − unprotected, unaudited, and but still inside the scope of […]

Achieving AWS Compliance: Considerations for IT and Cloud Security Teams

Posted on by sshinn

Most every IT organization has wrestled with achieving regulatory compliance, meeting auditors requirements, and reporting to management and other stakeholders. Moving workloads to the cloud introduces new wrinkles to an already thorny set of problems. For organizations moving to the Amazon cloud, it’s critical that they understand their new and changing issues and responsibilities associated […]

Improving OSSEC Manageability, Security, and Compliance with Atomic Enterprise OSSEC

Posted on by Mike Shinn

With more than 500,000 downloads per year and hundreds of thousands of active installs, OSSEC is the world’s most widely used open source host-based intrusion detection system (HIDS).  OSSEC is used by organizations in virtually every industry and geography to meet critical security and compliance requirements both on-premise and in the cloud. The open source […]

Podcast: What Are Cyber Security Red Teams and Why They Exist

Posted on by cody woods

Cyber Security Red Teams have become a common tool for testing enterprise cyber security. They attempt to penetrate security defenses as if they were hackers. Red Teams are motivated to be creative and determine the best way to circumvent security measures in place, sometimes by any means possible. Mike has been red teaming since the […]

Podcast: Why Do Hackers Hack? It’s Not Why You Think

Posted on by cody woods

Why do hackers want to break in? It’s a question that has been asked in lots of different ways. From why would they want to? Why would they care? And this is a really good question to ask yourself and to try and understand because often times people tend to look at what they’re protecting […]

Podcast: What Is Virtual Patching and How Can It Enhance Security

Posted on by cody woods

Virtual patching is a way of implementing a security policy to eliminate or mitigate a vulnerability. It is not actually patching, but is a way to do something quick and external to the application. Why not just use a patch? Sometimes there is no patch available and other times speed is of the essence. And, […]

Podcast: What Are SQL Injection Attacks?

Posted on by cody woods

SQL Injection Attacks are a method for taking advantage of flaws in the way an application is written. In particular, they exploit application vulnerabilities that offer direct access to databases. Mike Shinn, CEO of Atomicorp, has employed SQL injections in cyber security Red Team exercises and built countermeasures that defend against them. In this week’s […]