Cyber Security Awareness and Vulnerabilities Blog

Image
three-things-you-need-in-penetration-test

Three Things You Need in a Penetration Testing Tool

Jun 29, 2020
More than ever before, security teams are turning to penetration testing tools to advance their in-house programs through strategic automation. So what should you look for when it comes to an automated pen testing solution? This blog will examine the three essential things every modern penetration testing team needs in order to be most effective.
Image
pen testing for a remote workforce

The Importance of Penetration Testing for a Remote Workforce

Jun 22, 2020
As we continue to adapt in these unprecedented times, many workplaces have remained fully remote. In fact, some organizations have seen enough benefits from remote work that they are planning a permanent shift away from a traditional office environment, instead having their workforce either partially or fully remote. Whether temporary or permanent, remote work has been a large adjustment for everyone, though perhaps even more so for each organization’s security teams.
Image
Core Impact Helps Secure PCI DSS

Core Impact Helps Secure PCI DSS v3.2 Requirement 11

Jun 15, 2020
The Payment Card Industry Data Security Standard (PCI DSS) supports networks, systems, and other payment card processing equipment in order to reduce credit card fraud. This vital regulation has 12 main provisions that must be adhered to not only to stay compliant, but to build and maintain a strong security posture that protects sensitive financial data.
Image
Penetration Testing for Regulatory Compliance

Penetration Testing for Regulatory Compliance

Jun 10, 2020
 While the shift from paper copies to digital storage has enabled organizations to increase efficiency in countless ways, bad actors have also launched countless attacks to steal private information. In order to protect this valuable data, many industries now have cybersecurity regulations. HIPAA has been expanded for healthcare and NERC applies to the utilities and energy sector, and higher education institutions must adhere to HEOA, to name a few.
Image
IT professionals in server room

How to Leverage a Comprehensive Privileged Access Management Security Approach

Jun 2, 2020
Effectively managing privileged access has become a top priority for many organizations seeking to protect their data and systems from unauthorized users. That’s because inappropriate access can expose valuable organizational data, compromise sensitive information, and adversely affect system reliability. The latest Verizon Data Breach Investigations Report found that the majority of data breaches leverage privileged accounts directly.
Image
Hands typing on keyboard

3 Reasons Why Your Remote Workforce Is Vulnerable

Jun 1, 2020
In the wake of COVID-19, threat actors are taking full advantage of the industry scramble to work-from-home, and the security weaknesses that presents.
Image
Man looking at a computer

How Financial Services Organizations Can Mitigate Their Top Identity-Related Access Risks

Jun 1, 2020
Financial services organizations face numerous challenges in a constantly changing landscape. With increased cybersecurity threats, intensified regulatory requirements, an acceleration of digital transformation, large-scale mergers and acquisitions, and growing customer expectations, these organizations must pursue strategies and programs that mitigate risks, safeguard valuable data, and protect sensitive financial information within their organizations.
Image
How to Manage the Pen Testing Skills Shortage

How To Manage the Pen Testing Skills Shortage

May 27, 2020
According to the 2020 Pen Testing Report, 97% of cybersecurity professionals surveyed felt that penetration testing was somewhat important or important to their organization’s security posture, with 95% also reporting that penetration testing was at least somewhat important to their compliance initiatives.
Image
What is?

What is Network Insight?

May 18, 2020
You can’t stop something you can’t see. In today’s world, threats are evolving constantly and dangerous attackers continue to cause serious damage to organizations across industries. Threat detection solutions monitor your environment for malicious activity, uncovering and alerting security teams of risk. Core Network Insight focuses on advanced threat detection across the enterprise, finding infections in every type of device, including high end IoT.
Image
Pen tester in hoodie

Pen Testing Stories from the Field: Combining Tools to Take Over an Entire Domain

Apr 21, 2020
There is no single set of instructions on how to run a penetration test, and no one manual on how to be a pen tester. The only real constant is that each job is a combination of preparation and improvisation to adapt and adjust to each environment’s quirks. So one of the best ways to learn and improve your own penetration testing techniques and strategies is from your peers, whether it be through watching them on the job, or from talking shop at a conference and hearing how they handled an interesting assignment.

How to Revamp Your Organization's Cybersecurity Program

Apr 6, 2020
When cyberattacks and data breaches make the news, it’s usually because they’re at large companies like Facebook or healthcare organizations. But every organization, large or small, needs to be concerned about cybersecurity; hackers have begun to understand that, while smaller companies may have less data on hand, they may have access to covetable third parties.
Image
Security Tips

Responding to the New Normal: How to Prevent Added Risk in Your Business

Mar 31, 2020
Our world has shifted dramatically over the last few weeks. Many people have moved from shock to acceptance as the novel coronavirus (COVID-19) has taken hold across the world, across our nation, in our states, in our communities, and even in our organizations.
Image
IT Security

Four Network Security Challenges for Organizations with a Remote Workforce

Mar 25, 2020
Recently, the need for being able to work remotely has dominated the news, making it clear that the ability to connect from anywhere may soon become the norm for more businesses and industries than ever before. While remote work may be coveted by many employees, it can easily fill your cybersecurity team with dread. Telework can create many new security weaknesses for an IT environment, and can significantly increase your organization’s chance of a devastating data breach. Read on to find out what makes these new network connections so vulnerable, and how you can reduce your risk.
Image
Data Security

How to Protect Your Business Against Common Cybersecurity Threats with SIEM

Mar 25, 2020
Organizations today may have a false sense of security when it comes to the security of their own environments. In fact, there are numerous ways companies make it easier for threat actors to gain access into their systems undetected. To complicate matters even further, the sheer volume of threats companies face makes it impossible to uncover security events quickly—even if many are benign.

Top 3 IT Strategies for Optimizing Productivity

Mar 24, 2020
Little fires everywhere – not just a best-selling novel and new streaming show starring Reese Witherspoon: it’s what most respondents said was the biggest impediment to productivity in their workday. Distractions in the form of meetings, urgent emails, and (worst case) system outages force even the most organized sysadmin to push tasks back and cause pileups in the future. Whether or not you’re using the same strategies to stay productive in IT as the ones highlighted below, learn how your peers avoid and overcome hurdles to keep focusing on high-impact tasks.
Image
Data Security

Common Security Concerns and How to Reduce Your Risk

Mar 22, 2020
What common security risks/entry points are you most concerned about?
Image
Security icons

You Can’t Act On What You Don’t See: How to Intelligently Uncover Hidden Access Risks

Feb 27, 2020
No matter how mature your organization is in its identity governance approach, there’s one thing you may be overlooking that poses a huge risk to your business. Hidden access. How confident are you that you have revealed all the hidden access risks that are lurking in your network? If hidden access concerns you, then you are in good company.
Image
Digital lock

Three Ways to Intelligently and Efficiently Mitigate Identity Risk in Your Business

Feb 20, 2020
Mitigating access-related risks is increasingly challenging in today’s complex business environment. The chaos that results from supporting countless devices, applications, and systems with access to key data is harder to manage than ever before. Many organizations today lack the resources of larger, global enterprises, yet face the same security and compliance demands.
Image
IT professionals in server room

Three Lessons Learned From A Data Breach

Feb 20, 2020
Data breaches have been plaguing organizations for years, and the numbers continue to climb. After a breach, an organization goes into survival mode—trying to recover data, reestablish trust, and ensure they can keep their business running. It’s understandable that there isn’t much leisure time to sit back and reflect on what could have been done differently. So we’ve done the work for you, laying out some simple lessons learned from the many breaches we’ve observed over the past few years, as well as ways they can be avoided.  
Image
Man looking at a computer

How Voice Biometrics Became a Real Game-Changer at a Large Financial Services Organization

Feb 10, 2020
Voice biometrics, or voiceprint technology, has started gaining significant traction within the financial services industry. And for good reason. Passwords alone are no longer sufficient for protecting business-critical assets and applications. Instead, voiceprint technology instantly recognizes the voice patterns unique to each individual and can authenticate access securely. Industries like financial services are moving away from using passwords for account access and toward secure biometric authentication that is fast, convenient, secure, and cost effective.
Image
Security lock breaking

How to Deal With Orphaned Accounts in Your Business

Jan 30, 2020
According to the 2019 Verizon Data Breach Investigations Report, 62 percent of all data breaches last year involved the use of stolen credentials, brute force, or phishing. Nearly half of these types of breaches were directly attributed to stolen credentials. Stolen credentials are not only a risk through active user accounts, but can be a significant risk through orphaned accounts.

Why is Multi Tenancy Important in a SIEM Solution?

Jan 27, 2020
All SIEMs are well known for their ability to monitor IT infrastructures for potential threats, escalating them to the appropriate party. Though these solutions share this core function in common, SIEMs differ widely in terms of features. It’s important to evaluate your own environment to determine what your priorities are. For certain organizations, particularly MSPs, multi tenancy is a key functionality.
Image
Phishing hook

How Phishing Has Evolved and Three Ways to Prevent Attacks

Jan 23, 2020
The term “phishing” can be traced back to 1996, when it was used to reference a group of attackers that were imitating AOL employees using AOL messenger, asking people to verify their accounts or billing information. Many unsuspecting users fell prey to this scam purely due to their novelty. Though we would like to believe that we would never be fooled by such an attack these days, phishing remains as popular as ever. Though internet users may have become more discerning, attackers have also become more skilled in how they’re luring in more victims.

What is the California Consumer Privacy Act?

Jan 23, 2020
The California Consumer Privacy Act (CCPA), the latest data privacy law in the Golden State, went into effect on January 1st, 2020. Some have compared it to the UK’s GDPR (General Data Protection Regulation), and they’re not far off – like the GDPR, the CCPA is intended to protect individuals’ private data by making data collection and usage more transparent between consumers and companies.
Image
ROI

The Basics of IGA ROI: How to Show Value in Identity Governance

Jan 15, 2020
Like most companies today, your business is likely facing increasing demands to support and protect more devices and systems that contain data critical to your business. You are spending increasing time and resources on manual, repetitive tasks for managing user accounts. And you are being squeezed by the business to do more with less.