Cyber Security Awareness and Vulnerabilities Blog

five-reasons-healthcare-needs-identity-governance.jpg

healthcare-needs-identity-governance

Healthcare organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the healthcare industry has seen increasing regulations, an acceleration of technology and workforce growth, acquisitions and consolidation, and the pressure to increase operational efficiencies and decrease overall…

Read More

While many inaccurately use vulnerability scans or vulnerability assessments as terms that are synonymous with penetration tests, others explain the differences as though you have to choose between the two. Vulnerability assessments are tools that search for and report on what known vulnerabilities…

Read More

Intelligent-Visible-Identity-Governance.jpg

intelligent-visible-identity-governance

Let’s face it. Regardless of the Identity Governance and Administration solution you use for provisioning and access reviews, you are most likely relying on what is fundamentally a web version of spreadsheets or lists of entitlements in a web portal for role design…

Read More

When_Should_You_Upgrade_from_Free_SIEM.jpeg

When Should You Replace Your Free SIEM Tools?

Free Security Information and Event Management (SIEM) solutions have significant benefits, providing visibility into security environments and enabling proactive vulnerability management for many small and mid-sized organizations. However, these tools often come with limitations that will lead security teams to consider commercial options.…

Read More

Though its origins date back to 2017, Smominru is a dangerous botnet that has been making headlines recently as it continues to spread, attacking targets in every industry. Smominru, which also operates under known variants like including Hexmen and Mykings, has infiltrated hundreds…

Read More

micro-certifications-identity-governance.jpg

micro-certifications-identity-governance

Access certification is one of the most important types of reviews within organizations today. An access certification, also called an attestation, occurs when a manager reviews a user’s access and validates that the user still requires—or no longer requires—access to an application, system,…

Read More

cs-questions-to-consider-developing-pen-testing-strategy-blog-700x350.png

Action Items to Consider After Completing a Pen Test

 In order to complete a successful penetration test, a great deal of time is often spent in the planning stage. Time should also be invested into the post-test process. Going through the results of pen tests provides a great opportunity to discuss plans…

Read More

700x350.png

Ub0House Pen Testing Tools

Penetration testing is an undeniably effective way to improve an organization’s security, allowing cybersecurity professionals to safely validate the exploitability of security weaknesses, before a malicious attacker does. Though threat actors are more persistent than ever, the good news is that more and…

Read More

There are daily reminders seen in the news, or heard second hand, of hackers stealing or exposing data. Having just one pen test often exposes security weaknesses that are not adequately protected with compensating controls,  Which will help with  setting priorities and mitigating…

Read More

There have been many stories in the news about Ryuk, a targeted and powerful piece of ransomware that has been attacking organizations, including municipal governments, state courts, hospitals, enterprises, and large universities. Many of these organizations have paid hefty fees to recover their…

Read More