DTonomy AIR with Splunk, Elastic Search, Exabeam, and Sumo Logic
Best Practices to Augment Your SIEM with DTonomy AIR

Security Information and Event Management (SIEM) platforms are an essential part of a modern Security Operations Center (SOC). The SIEM performs the important functions of: collecting and aggregating log data generated across the vast technology infrastructure of an organization; identifying, categorizing and analyzing events against carefully designed rules and filters; and providing reports on security-related incidents.

Healthcare Cyberattacks on the Rise

EHackingnews.com recently reported that the U.S. healthcare industry is suffering a massive wave of cyberattacks, whereby cybercriminals are infiltrating healthcare systems, stealing critical data and disrupting health services. This rise in hacking attempts puts patient privacy at risk, which is even more critical during the COVID-19 pandemic. In one specific

6 Critical Steps for Ransomware Incident Response

Ransomware is malware that encrypts a victim's files and then demands a ransom to restore access to them. These attacks have become more and more common in recent years, and ransomware incident response is essential. There are several ways in which ransomware can gain access to a computer. One of the most

Addressing Security Compliance Challenges with DTonomy

Security compliance is a legal concern for organizations in many industries today, due to regulatory standards such as PCI DSS, HIPAA, and ISO 27001 that set out recommendations for protecting data. Failure to meet compliance regulations can result in significant legal and financial penalties. This risk is exacerbated by organizations moving data to the cloud as

AI Augments Triage, Analysis and Response

Some Sobering Statistics on the State of Security Operations

The recent Forrester 2020 State of Security Operations Survey stated that:
the average security team receives over 11,000 alerts per day;
the vast majority of these alerts must be manually processed, and SecOps teams are unable to keep up with the volume;
79% of surveyed businesses have experienced a breach

SIEM vs SOAR: Comparing and contrasting SIEM and SOAR

In the world of cybersecurity, there are many different acronyms. Two popular acronyms that are often used interchangeably are SIEM and SOAR. Both tools focus on helping cybersecurity teams become hyper-efficient, but they differ in exactly how they work. Before going any further, it is important to understand what exactly the acronyms SIEM and

Responding to Network Alerts on Port Scanning and Brute Force Attacks

Quite often, security teams receive network alerts from their network monitoring systems that someone is scanning ports or that there is a possible brute-force attack on one or more servers. According to the SANS Institute, port scanning is one of the most popular techniques attackers use to discover services that they can exploit to break into systems.

DTonomy AIR Assisted Incident Response for Office 365 Related Threats

Office 365, one of the largest SaaS platforms used by organizations, is constantly on the radar of malicious hackers. Companies store volumes of mission-critical and sensitive data on the platform, which they assume is protected and secure. A recent report found that 25% of phishing attacks are able to circumvent Microsoft 365 security. The more common ways that

Three Reasons CISOs Need Guided Investigation and Response

Several converging trends have contributed to highly challenging times with regard to cybersecurity, and they are making guided investigation and response essential.

#1: Cyberattacks are the Fastest Growing Crime in the US

According to Cybersecurity Ventures, cyberattacks are the fastest growing crime in the U.S., and they are increasing in size, sophistication and cost. Cybercrime will cost the

Reducing Mean Time to Response (MTTR) with Security Automation

Mean Time to Response (MTTR) is one of the most important metrics for any cybersecurity organization. The recent breach at Blackbaud, a cloud software company that helps non-profits support their philanthropic efforts, has had serious ramifications for the company, the non-profits that it serves, and the donors that support them across their digital supply chain.

Monitoring and Remediation of Cloudflare Incidents

Cloudflare is a service designed to protect websites from attacks while simultaneously optimizing performance. Unfortunately, Cloudflare accounts can be, and have been, compromised, and the service can also go down altogether. A recent outage on July 17, blamed on a configuration error, impacted one of our customers. The customer was not aware of this

We are pleased to announce that DTonomy has been acquired by Stellar Cyber, Inc. This will enhance our offerings and services.
