Cyber Security Awareness and Vulnerabilities Blog

1200x628.png

As each year draws to a close, the temptation is always to wipe the slate clean, put the past behind us, and have a fresh start come January. However, for most things, and particularly when it comes to cybersecurity, the best way to…

Read More

As an exploit writer, one of my tasks consists of gathering common vulnerabilities and exposures (CVE) and all of the information related to them in order to design an exploit for Core Impact. As part of this process I stumbled across CVE-2018-15422: A…

Read More

hero-image.jpg

As a syslog server incessantly pings with every security notification, security teams can feel as though they are drowning in a sea of security warnings. Without a SIEM, it’s difficult to know which events are truly critical and which can be ignored. However,…

Read More

ptx-open-source-v-commercial-blog-1920x744.jpg

Open source SIEM solutions provide basic functionality that can be great for smaller organizations that are just beginning to log and analyze their security event data. But over time, many IT pros find that open source SIEM software is too labor-intensive to be…

Read More

These days it seems like there are security solutions for almost everything except the one thing you can never fully secure: humans. But while you can’t control everything they open or click on, you can control their access to your sensitive data. However, with increasing numbers…

Read More

Identity Governance and Administration (IGA) is a complex and growing, set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are…

Read More

"An innovative and business-friendly approach to access governance" This week Core Access Insight (AI) was named as a leader in the KuppingerCole Leadership Compass for Access Governance and Intelligence. In addition, we’re proud to report the product was named as a leader in three…

Read More

When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. They are: Information…

Read More

Here is the summary of all exploits released since April 2nd, the last Dot Release: 16 Updates overall  9 Remote exploits 4 Client-Side exploits 3 Product updates Here is the list of published updates: Remote Exploits: Disk Pulse Enterprise GET Buffer Overflow Exploit Disk Savvy Enterprise Buffer Overflow Exploit DiskBoss Enterprise Buffer…

Read More

what-is-siem.jpg

SIEM—or security information and event management—is a software category that aims to give organizations helpful insights into potential security threats across critical business networks through data normalization and threat prioritization. This is possible via a centralized analysis of security data pulled from a…

Read More