You may have started to see greater usage of the term “lateral movement” with regards to cyber attacks. Long a directional and network traffic term, lateral movement now commonly means unauthorized connection and sharing of files between two or more internal endpoints. While an initial breach usually comes from the outside, lateral movement occurs when […]
The 2020 pandemic, which undoubtedly will extend into 2021, has stretched the network. Work at home, once taboo by some stern and stodgy organizations, is now a reality and computing networks have had to become more distributed to support distant employees. Phase 1 of the pandemic was about getting connectivity out; harnessing the internet and […]
Since ancient times, attacks have come under the guise of gifts and other wrapped packages. In today’s digital landscape, Trojan horses, malware and social engineering attacks fool human employees and machines, in order to spy, spread malice, or siphon financial data and money. Files can also get corrupted and then penetrate your digital inventory and […]
Atomicorp is pleased to support Red Hat today in the launch of the Red Hat Marketplace, Red Hat Marketplace is an open cloud marketplace for enterprise customers to discover, try, purchase, deploy, and manage certified container-based software across environments—public and private, cloud and on-premises. Through the marketplace, customers can take advantage of responsive support, streamlined […]
Wednesday, June 24 & Thursday, June 25 Atomicorp is proud to host a fully virtual conference on Wednesday, June 24 and Thursday, June 25. The virtual conference is open to the OSSEC community to share technical insights, lessons learned, and best practices for OSSEC. See Full Schedule Day 1 – Conference Sessions Conference topics […]
This is part 3 of a 7-part series about PCI DSS compliance in the cloud. How to Support Continuous PCI Compliance with Workload Auditing and SIM/FIM PCI requires organizations to conduct “continuous compliance” on all systems touching cardholder data, rather than just annual PCI audits. SIM and FIM technologies detect changes to the workload, […]
This is part 2 of a 7-part series on PCI compliance in the cloud. Most businesses have assets in their environments that they aren’t aware exist. For instance, if a virtual machine is de-provisioned in the cloud environment, its file system may still live on − unprotected, unaudited, and but still inside the scope of […]
Most every IT organization has wrestled with achieving regulatory compliance, meeting auditors requirements, and reporting to management and other stakeholders. Moving workloads to the cloud introduces new wrinkles to an already thorny set of problems. For organizations moving to the Amazon cloud, it’s critical that they understand their new and changing issues and responsibilities associated […]
With more than 500,000 downloads per year and hundreds of thousands of active installs, OSSEC is the world’s most widely used open source host-based intrusion detection system (HIDS). OSSEC is used by organizations in virtually every industry and geography to meet critical security and compliance requirements both on-premise and in the cloud. The open source […]
Cyber Security Red Teams have become a common tool for testing enterprise cyber security. They attempt to penetrate security defenses as if they were hackers. Red Teams are motivated to be creative and determine the best way to circumvent security measures in place, sometimes by any means possible. Mike has been red teaming since the […]