Resources

Blog

IGA and the Cloud: What You Need to Know

With the rise of cloud computing, organizations have expanded their reliance upon cloud platforms. Many have expanded their capabilities and capacity through cloud servers, while others have adopted a hybrid approach that includes both cloud and on-premise environments. Gartner predicts that by the end of 2020, ‘75 percent of organizations will have deployed a multi-cloud or hybrid cloud model,’...
Blog

Tips for Helping Vulnerability Managers Sleep Easier

Wouldn’t it be nice to sleep easy at night and not have to worry if your vulnerability management program is really catching all the vulnerabilities that could be and are in your environments? Wouldn’t it even be nicer if you could get them prioritized by risk and truly make sure they are mitigated or remediated based on what attackers may try to leverage first? How about that resource(s) who now...
Blog

4 Steps to a Winning Vulnerability Management Program

Many winning vulnerability management programs have evolved to include additional solutions and workflows, beyond scanning, adding to a larger picture required to truly understand how an adversary could and will attack. Here are few best practices to keep in mind when maturing your own vulnerability management program: 1. Understand your company’s risk Do you know how much risk is acceptable to...
Blog

The Biggest Problem with User Access and How To Fix It

Did you know that one of the top nine attack types consistently covered in Verizon’s Data Breach Report are insider threats and privileged misuse? According to this year’s report, 66% of insiders steal information in hopes of selling it for cash, 17% are just unsanctioned snooping and 15% are taking it in order to take the information to a new employer. What is the root cause of all of these...
Blog

6 Realities for Effectively Managing Privileged Accounts

Big or small, every organization has accounts that hold ‘keys to the kingdom’ credentials. Almost every account holds some level of privilege that can potentially be compromised, resulting in not only financial, but reputational damage. Looking at top patterns in the 2016 Verizon Data Breach Investigations Report, insider and privileged misuse lands the second most common cause of breaches, 16% of...
Blog

4 Common Mistakes in Pen testing

Are you guilty of any of these mistakes in your pen-tests? Maybe you've never done these before and now you'll forever remember these as things to avoid when running any future penetration tests. 1. Improperly disposed network gear It’s surprising how often there are still configurations on network gear after disposal. This is putting your company at risk beyond their lifespan. 2. Devices with...
Video

How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)

Identity Governance and Administration solutions are more than the newest security buzzword, they are integral solutions that work with your Identity and Access Management solutions to keep your network safe. In this webinar, our product solutions team explains how to solve, the three biggest struggles they see with IGA programs such as: Dealing with third party contractors Struggling with...
Blog

Jingle Bells, Retail Sells, Attacks Are on the Way (Part 1)

It’s that time of year where retail booms as the world goes shopping for gifts during the holiday season. It’s a time for retailers to shine. But, it’s also the time where retailers are most vulnerable to security risks as bad actors gear up to target them. In this two part series, we will discuss things retailers should consider this holiday season to better secure themselves from attacks and to...
Blog

How to Deal with Changing Financial Cybersecurity Regulations

Late last year the New York State of Financial Services (DFS) announced that New York would be proposing a "first in the nation" rule on cyber-security to go into effect on March 1, 2017 which would impact any bank, insurance company and anyone else covered by DFS. The rule requires any regulated company design a cybersecurity program that assesses its risks to ensure the safety and soundness of...
Video

How to Take Your Vulnerability Management Program to the Next Level

Managing security vulnerabilities is no easy task: identifying, classifying, remediating, and mitigating weaknesses in the IT infrastructure is a continuous process that has only grown more challenging with an increasing number of attacks. Most organizations have the fundamentals in place: running regular vulnerability scans, establishing basic prioritization methods, having a patching process,...
Video

8 Ways to Tackle the Biggest Access-Related Challenges in Financial Services

Financial services organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the financial services sector has seen everything from increasing cybersecurity threats, data breaches, and cyberattacks to intensified regulatory compliance, an acceleration of digital transformation, and the pressure to increase operational efficiencies and decrease...
Blog

5 Most Notable New Features in Core Impact 20.1

We are so excited about our latest release of Core Impact. Version 20.1 was fueled largely by the valuable and genuine feedback our customers have shared with us. This release was jam packed with new features, including several new additions that offer added convenience and increased usability. To recap, we thought it would be helpful to highlight the top 5: 1. Flexible Licensing Core Impact now...
Ecourse

Conducting Phishing Attacks in Core Impact

There are endless possibilities when it comes to conducting phishing campaigns using Core Impact. These training videos are designed to get you started and provide ideas on how you can set up your phishing campaigns.
Ecourse

Core Impact Advanced Techniques

This series is designed to provide tips and tricks for penetration testers to conduct as they become more advanced users in Core Impact. From injecting agents to conducting a golden ticket attack, this series includes advanced techniques that can help you understand where your organization is most vulnerable. ...