Cyber Security Awareness and Vulnerabilities Blog

Image
Security Tips

Top Content in Review: 2018's Most Read Cybersecurity Information by IT and Security Professionals

Dec 26, 2018
As each year draws to a close, the temptation is always to wipe the slate clean, put the past behind us, and have a fresh start come January. However, for most things, and particularly when it comes to cybersecurity, the best way to ensure a successful year ahead is to utilize what we learned over the past year as a foundation to build on. Read on as we revisit pieces from the past year that will remain relevant into 2019 and beyond.
Image
Virus Protection

Powertech Antivirus and ClamAV: A Detection Rate Comparison

Dec 14, 2018
Antivirus solutions are like a water filter for your IT environment – they catch impurities that can poison your system. This is what makes detection rates such an important consideration when Linux IT security professionals are choosing an antivirus solution. These ratings analyze not only how much an antivirus solution catches, but also what it catches.

Why Corporate Networks are Key Targets for Cryptojacking

Dec 5, 2018
It’s hard to escape hearing about cryptocurrency these days. But this new monetary system is not utilized by a large percent of the population, and is incredibly complex, so many of us are left to simply smile and nod when it’s brought up in conversation.
Image
Cloud Security

A Precarious Balance: Privileged Users and the Cloud

Nov 19, 2018
Organizations face a unique balancing act when dealing with privileged users. On the one side, they require high level access in order to successfully do their jobs.
Image
Cloud Security

Cloud Watching: Ensuring Security in Every Cloud Environment

Nov 1, 2018
Though the common vernacular is “The Cloud,” the truth is, there are multiple cloud environments and providers available to organizations looking to utilize this growing technology. Read on to learn about the different types of cloud environments, and the biggest security obstacle each presents. Cloud Types Terminology in cloud computing is growing almost as rapidly as the technology. The following list outlines the important differences between the most common types of cloud deployments:
Image
Cloud Security

The Shared Responsibility of Cloud Security

Oct 25, 2018
Even doubters now agree that the forecast of the future of cloud computing is sunnier than ever. As more and more people and organizations transition to cloud services, the question of how to keep the cloud secure becomes more important than ever. Though initially unclear, as the latest report from the Cloud Security Alliance (CSA) suggests, the agreement that cloud security is a shared responsibility between cloud providers and cloud users has now firmly taken hold. How those responsibilities shake out, however, is an ongoing conversation.
Image
Typing on computer with security shield

Three Signs You’ve Outgrown Password Vault

Sep 24, 2018
Privileged Account and Session Management (PASM) software, better known as password vaulting, is a type of Privileged Access Management (PAM) solution that helps organizations manage accounts by restricting root access to their environment. These solutions are invaluable for protecting data.
Image
Computer keyboard with digital people icons

A Case for PEDM

Sep 24, 2018
Privileged Account and Session Management (PASM) tools, better known as password vaulting, are a type of PAM solution that restricts user access to IT systems and protects an organization’s data. Some organizations implement password vaulting technology to get started with managing privilege. However, as an infrastructure becomes more multifaceted, additional solutions that utilize other access management strategies should be integrated to maintain speed and security.

Different Paths, Same Goal: Privileged Account and Session Management (PASM) and Privilege Elevation and Delegation Management (PEDM)

Sep 23, 2018
Acronyms abound when it comes to Privileged Access Management (PAM). PIM, PAM, PUM, and SUPM, to name a few. As PAM solutions have evolved, analyst firm Gartner has established two further classifications to highlight different approaches: Privileged Account and Session Management (PASM) and Privilege Elevation and Delegation Management (PEDM). PASM and PEDM are two categories of security tools that have distinct approaches in how they manage access.
Image
Computer with ransomware

Endpoint Antivirus Software: What It Is, and Why You Need It

Sep 6, 2018
The threat landscape can be a frightening scene when you look at the malicious attacks and ransomware infiltrating organizations around the globe. The good news: Endpoint antivirus applications are making enormous strides in their ability to protect enterprise-level equipment and data from attack. The bad news: Many companies overlook the need to secure non-Windows infrastructure and focus their antivirus security efforts only on individual user workstations. This is typically because they assume user machines will be the entry points for invaders. This isn’t always the case.
Image
Virus Protection

A Full Body Scan: Protect Your Organization with Endpoint Antivirus Software

Sep 6, 2018
With cyberattacks still on the rise, you can never be too careful when it comes to securing your company’s data and the systems that house it. The problem is, without advanced endpoint protection it can be hard to discover the malware, viruses, and worms that may be lurking not only on user workstations, but also in server environments.
Image
Digital lockpad inside circle

The Lifecycle of a Security Event

Aug 21, 2018
As a syslog server incessantly pings with every security notification, security teams can feel as though they are drowning in a sea of security warnings. Without a SIEM, it’s difficult to know which events are truly critical and which can be ignored. However, when a SIEM has been implemented, security teams get a much clearer picture of their environment’s security. There could truly be no threats, or multiple incidents may be occurring that simply have not yet affected performance.

The Six Ws of Granular Access Control

Jul 31, 2018
Security experts are in general agreement that passwords will simply no longer suffice when it comes to system security. As the numerous breaches within the past years have shown, it is too easy to crack passwords and gain access to all the data across entire systems. So, what can an organization do to better protect its systems? This is where granular access controls, a key feature in certain identity and access management solutions, comes in.

Open Source SIEM vs. Enterprise-Level SIEM: Which Is Right for You?

Jul 25, 2018
Open source SIEM solutions provide basic functionality that can be great for smaller organizations that are just beginning to log and analyze their security event data. But over time, many IT pros find that open source SIEM software is too labor-intensive to be a viable option as the organization grows. In short, many organizations simply outgrow their open source solution.
Image
Digital Key

What are the 3 Most Common Access Risks?

Jul 11, 2018
These days it seems like there are security solutions for almost everything except the one thing you can never fully secure: humans. But while you can’t control everything they open or click on, you can control their access to your sensitive data.
Image
Data Security

Are Employees Undermining Your Data Breach Defenses from the Inside?

Jun 28, 2018
The annual Verizon Data Breach Report 2018 was released recently, and gives an independent, worldwide view of how market sectors are being attacked, scammed, spied on, and ransomed. 
Image
Man looking at a computer

How to Solve the Top 3 Struggles of Identity Governance and Administration

Jun 27, 2018
Identity Governance and Administration (IGA) is a complex and growing, set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are a host of new problems. In working with our IGA customers we keep seeing certain problems emerge so, in this blog, we will address the top three struggles of an IGA solution that we see most often.

How to Pen-Test with Core Impact

Jun 11, 2018
When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. Now, I’m not saying every tester follows every step or performs these steps in this exact order, however, this is a pretty good process to follow. Let’s take a closer look at each step.
Image
Virus Protection

4 Reasons You Need Native Linux Virus Scanning

Jun 11, 2018
In today’s connected environments, Linux IT professionals can no longer claim that viruses are only a Windows threat. The biggest excuse people make for forgoing virus protection is that they scan their client PCs and therefore no virus would make it to the server. However, effective malware defense requires multiple layers. This brings us to the importance of native virus scanning. The following highlights the four main reasons security experts give for using antivirus software that runs natively on your Linux system.
Image
Performance gears

Do I Need Identity Governance & Administration (IGA)?

May 30, 2018
Identity Governance & Administration (IGA) is commonly defined as 'the policy-based centralized orchestration of user identity management and access control.' Identity governance helps support overall IT security and regulatory compliance. Put into simpler terms, IGA means leveraging the most intelligent and efficient path to mitigating identity risk in your business. 
Image
What is?

What is SIEM?

May 30, 2018
SIEM—or security information and event management—is a software category that aims to give organizations helpful insights into potential security threats across critical business networks through data normalization and threat prioritization. This is possible via a centralized analysis of security data pulled from a variety of systems, including anti-virus applications, firewalls, and intrusion prevention solutions.
Image
IT Security

Security So Easy, A Sales Guy Can Do It

May 16, 2018
Much like how I complain that I’m not losing weight - even though my treadmill has become a clothing rack- security only works if you use it. And, yes, I know I picked on the sales guys (and girls) in the title but, your security has to be easy enough to use and understand that anyone in the organization can use it, no matter their level of security training. I have heard multiple reports from our customers in healthcare that have implemented comprehensive and costly software to help keep their PHI data safe on all devices and across all networks. The problem?
Image
IT Security

SAO vs. SIEM: Not Enemies, But a Security Defending Duo

May 15, 2018
Security Information and Event Management (SIEM) solutions have been with us for more than a decade. Recently, Security Automation and Orchestration (SAO) products have moved into the spotlight, causing many to wonder if the days of SIEM are numbered. However, as both products continue to evolve, it’s becoming clear that it is less a matter of SAO vs. SIEM, but instead SAO and SIEM.
Image
Cloud Security

How SIEM Protects Cloud Servers

May 6, 2018
IT professionals everywhere are taking a good look at security information and event management (SIEM) applications to help them oversee their vast technology infrastructures. What once were IT stacks housed solely on premises now include increased expansion into cloud repositories, resulting in the prevalence of hybrid approaches. The ability to monitor security across these wide-reaching environments has never been harder—or more paramount.

Introducing Access Assurance Suite 9.1

May 2, 2018
Today, we are thrilled to announce the next step in our Identity Governance and Administration journey, the release of Core Access Assurance Suite 9.1.