Cyber Security Awareness and Vulnerabilities Blog

Computer with ransomware

Endpoint Antivirus Software: What It Is, and Why You Need It

Sep 6, 2018
The threat landscape can be a frightening scene when you look at the malicious attacks and ransomware infiltrating organizations around the globe. The good news: Endpoint antivirus applications are making enormous strides in their ability to protect enterprise-level equipment and data from attack. The bad news: Many companies overlook the need to secure non-Windows infrastructure and focus their antivirus security efforts only on individual user workstations.
Digital lockpad inside circle

The Lifecycle of a Security Event

Aug 21, 2018
As a syslog server incessantly pings with every security notification, security teams can feel as though they are drowning in a sea of security warnings. Without a SIEM, it’s difficult to know which events are truly critical and which can be ignored. However, when a SIEM has been implemented, security teams get a much clearer picture of their environment’s security. There could truly be no threats, or multiple incidents may be occurring that simply have not yet affected performance.

The Six Ws of Granular Access Control

Jul 31, 2018
Security experts are in general agreement that passwords will simply no longer suffice when it comes to system security. As the numerous breaches within the past years have shown, it is too easy to crack passwords and gain access to all the data across entire systems. So, what can an organization do to better protect its systems? This is where granular access controls, a key feature in certain privileged access management solutions come in. 
Security icons

Open Source SIEM vs. Enterprise-Level SIEM: Which Is Right for You?

Jul 25, 2018
Open source SIEM solutions provide basic functionality that can be great for smaller organizations that are just beginning to log and analyze their security event data. But over time, many IT pros find that open source SIEM software is too labor-intensive to be a viable option as the organization grows. In short, many organizations simply outgrow their open source solution.
Digital Key

What Are the 3 Most Common Access Risks?

Jul 11, 2018
These days it seems like there are security solutions for almost everything except the one thing you can never fully secure: humans. But while you can’t control everything they open or click on, you can control their access to your sensitive data.
Data Security

Are Employees Undermining Your Data Breach Defenses from the Inside?

Jun 28, 2018
The annual Verizon Data Breach Report 2018 was released recently, and gives an independent, worldwide view of how market sectors are being attacked, scammed, spied on, and ransomed. 
Man looking at a computer

How to Solve the Top Three Struggles of Identity Governance and Administration

Jun 27, 2018
Identity Governance and Administration (IGA) is a complex and growing set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are a host of new problems. In working with our IGA customers, we keep seeing certain problems emerge so, in this blog, we will address the top three struggles of an IGA solution that we see most often.
Virus Protection

4 Reasons You Need Native Linux Virus Scanning

Jun 11, 2018
In today’s connected environments, Linux IT professionals can no longer claim that viruses are only a Windows threat. The biggest excuse people make for forgoing virus protection is that they scan their client PCs and therefore no virus would make it to the server. However, effective malware defense requires multiple layers. This brings us to the importance of native virus scanning. The following highlights the four main reasons security experts give for using antivirus software that runs natively on your Linux system.

How to Pen-Test with Core Impact

Jun 11, 2018
When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. Now, I’m not saying every tester follows every step or performs these steps in this exact order, however, this is a pretty good process to follow. Let’s take a closer look at each step.
Performance gears

Do I Need Identity Governance & Administration (IGA)?

May 30, 2018
Identity Governance & Administration (IGA) is commonly defined as 'the policy-based centralized orchestration of user identity management and access control.' Identity governance helps support overall IT security and regulatory compliance. Put into simpler terms, IGA means leveraging the most intelligent and efficient path to mitigating identity risk in your business. 
What is?

What is SIEM?

May 30, 2018
SIEM—or security information and event management—is a software category that aims to give organizations helpful insights into potential security threats across critical business networks through data normalization and threat prioritization. This is possible via a centralized analysis of security data pulled from a variety of systems, including anti-virus applications, firewalls, and intrusion prevention solutions.
IT Security

Security So Easy, A Sales Guy Can Do It

May 16, 2018
Much like how I complain that I’m not losing weight - even though my treadmill has become a clothing rack- security only works if you use it. And, yes, I know I picked on the sales guys (and girls) in the title but, your security has to be easy enough to use and understand that anyone in the organization can use it, no matter their level of security training. I have heard multiple reports from our customers in healthcare that have implemented comprehensive and costly software to help keep their PHI data safe on all devices and across all networks. The problem?
IT Security

SAO vs. SIEM: Not Enemies, But a Security Defending Duo

May 15, 2018
Security Information and Event Management (SIEM) solutions have been with us for more than a decade. Recently, Security Automation and Orchestration (SAO) products have moved into the spotlight, causing many to wonder if the days of SIEM are numbered. However, as both products continue to evolve, it’s becoming clear that it is less a matter of SAO vs. SIEM, but instead SAO and SIEM.
Cloud Security

How SIEM Protects Cloud Servers

May 6, 2018
IT professionals everywhere are taking a good look at security information and event management (SIEM) applications to help them oversee their vast technology infrastructures. What once were IT stacks housed solely on premises now include increased expansion into cloud repositories, resulting in the prevalence of hybrid approaches. The ability to monitor security across these wide-reaching environments has never been harder—or more paramount.

Introducing Access Assurance Suite 9.1

May 2, 2018
Today, we are thrilled to announce the next step in our Identity Governance and Administration journey, the release of Core Access Assurance Suite 9.1.
IT Security

Assess the Effectiveness of Your Security Controls with Penetration Testing

Apr 23, 2018
It’s important for all organizations to periodically assess and test security vulnerabilities, to better evaluate risk and be ready to detect, prevent and respond to threats as they happen. Vulnerability assessments, penetration tests and Red Teams help you identify and prioritize security risks, which also improves your overall security posture. Gartner recently released a detailed research report covering the use of penetration testing and Red Teams. The report describes the processes and suggests ways that organizations can use them to reduce risk.

Ransomware Hits the City of Atlanta

Apr 19, 2018
On March 22, the city of Atlanta was brought to its knees by a ransomware attack. CNN reported that the malicious incident affected at least five of the city’s municipal departments, effectively locking down key functions for the police, courts, and more. The attackers asked for the $51,000 ransom to be paid in the bitcoin cryptocurrency.
Cloud Security

Cloud Misconfiguration and the Curse of the Inadvertent Employee

Apr 19, 2018
We all know that to err is human. The problem is some mistakes are an order of magnitude larger than others. If you forget to buy apples at the store, that’s unfortunate. But if you forget to lock down your cloud server with the proper security controls and hackers gain entry… That’s a problem that could cost your business dearly.

What Tesla’s Cryptojack Attack Means for the Rest of Us

Apr 17, 2018
In February, Fortune, Wired, and other media outlets reported that hackers worked their way into automaker Tesla’s Amazon Web Services (AWS®) cloud account to mine for cryptocurrency. These so-called “cryptojacking” attacks are on the rise in concert with escalating cryptocurrency prices, prompting hackers to gain access to company networks to generate these virtual forms of tender.

The Latest Exploits Shipped to Core Impact 18.1

Apr 1, 2018
Summary for all of the exploits and updates shipped to Core Impact 18.1 since its release (on Feb 14th): 14 Updates Overall 3 Remote Exploits 5 Client-Side Exploits 3 Local Exploits 3 Product Updates Here is the list of published updates:
Security shield with keyhole

Introducing the Visual Identity Suite

Mar 19, 2018
We all know that there are clear problems in the industry when it comes to role design and entitlement certification. Problems like:
Cloud Security

Eight Steps Toward a Secure Hybrid Cloud Environment

Mar 15, 2018
Your business may already use an extensive cloud environment—or maybe you’re just evaluating your options for spinning up a single cloud server. Either way, this guide is your sanity check for aligning the security policies in place for your on-premise and cloud technology to protect data (and your company) from internal and external threats. Synchronized policies not only strengthen the security of data, but they also effectively enable your organization to maintain operations and prepare for regulatory audits.

Perspectives on the Changing Linux Ecosystem

Mar 12, 2018
In the early 1990s the Open Software Foundation formed a committee to select and standardize a new Management Platform Toolset for and from the UNIX ecosystem. After much soul searching over a few months the OSF Management Platform never arrived. One of the committee, from the team that invented The Newcastle Connection (1980s *NIX history, go Google it) made a compelling presentation explaining why they failed. He spent the next 40 minutes wearing two hats, an exquisite red silk Chinese mandarin hat (with feather), and a green canvas guerrilla cap.
Cloud Security

With Public Cloud OS Instances Growing, Security Challenges Grow, Too

Mar 12, 2018
“Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even with newer models for virtualization appearing on the horizon, this is not exactly how things are actually used today.”  

Customizable Reports with Core Impact

Feb 19, 2018
Today we're sharing how to use the customizable reports functionality available in Core Impact. In order to generate such agents, we'll use the "Network Report Generation" wizard. From the list of available reports, filter for type "spreadsheet" and select "Network Host Report". When clicking on "Duplicate" we'll get the prompt for a new report name. The new report can then be customized by selecting the "Edit" option.