Resources

Security Compliance
Blog

Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance

Tue, 07/21/2020
Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance To continue this month's conversation on compliance, we have another special guest joining us on the blog today. Alex Naveira is the Director, ITGA & CISO at Miami Children's Hospital and oversees multiple locations. We asked Alex what compliance meant to him and he had a list of different kinds of compliance and said "which one?"...
IGA
health-care-identity-governance-doctor-with-ipad
Blog

Healthcare Identity Governance in the Era of COVID-19: Five Critical Issues Your Organization Can’t Afford to Overlook

Wed, 07/15/2020
The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients. Redeploying resources, leveraging a mobile workforce,...
IGA
Performance gears
Blog

The Truth About Pen Testing Automation

Mon, 07/13/2020
With cybersecurity attacks perpetually on the rise, security teams are under more pressure than ever. While pen testing can help these teams by finding vulnerabilities before adversaries can, even pen testing comes with its challenges. A skills shortage, new and expanding regulations requiring testing, and other critical daily security duties increasingly leave cybersecurity professionals...
Penetration Testing
Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities
Video

Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities

Tue, 07/07/2020
When evaluating potential risks to an organization, the human factor is one of most dynamic and crucial elements to consider. An attacker can take advantage of security pitfalls introduced by humans, gaining access and even escalating privileges. Anyone from a regular user to an IT admin can make simple but critical errors that allow a threat actor to enter your organization’s network. In this...
Data Security
Video

Top Reasons to Move from Syslog to a SIEM

Tue, 06/23/2020
Your security team is perpetually busy protecting your organization’s data. But they can often be overwhelmed with tasks related to security events from a constantly pinging syslog. SIEM—or security information and event management—software can help IT teams get a streamlined view of activity and potential concerns. Differentiating “event data” from “log data,” as they are related to SIEM, is...
SIEM
pen testing for a remote workforce
Blog

The Importance of Penetration Testing for a Remote Workforce

Mon, 06/22/2020
As we continue to adapt in these unprecedented times, many workplaces have remained fully remote. In fact, some organizations have seen enough benefits from remote work that they are planning a permanent shift away from a traditional office environment, instead having their workforce either partially or fully remote. Whether temporary or permanent, remote work has been a large adjustment for...
Penetration Testing
IT Security
Video

Closing the Gap on Access Risk

Fri, 06/12/2020
Access-related risks represent one of the biggest obstacles organizations must address in a complex threat landscape—and they are lurking everywhere. Whether from changes in the business, like hiring, promotions, or transfers, from business growth and transformation, including M&A activity, corporate reorganizations, or new product introductions, from infrastructure changes, like new platforms,...
IGA
Article

Reversing & Exploiting with Free Tools: Part 5

In part four, we performed an analysis of stacks three and four with exercises on testing bad characters. In this next part, we will complete our analysis of Stack4 using IDA Free. In subsequent parts, we’ll complete ABOS exercises that delve deeper into the use of the different tools. Those exercises are located in the ABOS Folder and will challenge us to open and run a calculator, notepad, or...
Blog

Top Data Breaches of 2019: How You Can Minimize Your Risks

Wed, 06/03/2020
Your organization made the headlines! That’s great, right? Not if it’s because you had sensitive data breached. A data breach can wreak financial and logistical havoc for you, your customers, patients, employees, and others. More importantly, it can severely impact the reputation you’ve so carefully built up and nurtured over time with existing as well as potential customers. According to Risk...
IT professionals in server room
Blog

How to Leverage a Comprehensive Privileged Access Management Security Approach

Tue, 06/02/2020
Effectively managing privileged access has become a top priority for many organizations seeking to protect their data and systems from unauthorized users. That’s because inappropriate access can expose valuable organizational data, compromise sensitive information, and adversely affect system reliability. The latest Verizon Data Breach Investigations Report found that the majority of data breaches...
PAM
Man looking at a computer
Blog

How Financial Services Organizations Can Mitigate Their Top Identity-Related Access Risks

Mon, 06/01/2020
Financial services organizations face numerous challenges in a constantly changing landscape. With increased cybersecurity threats, intensified regulatory requirements, an acceleration of digital transformation, large-scale mergers and acquisitions, and growing customer expectations, these organizations must pursue strategies and programs that mitigate risks, safeguard valuable data, and protect...
IGA
Fingers types with digital security icons
Video

How Penetration Testing Reduces Risk

Mon, 06/01/2020
Though cybersecurity defenses are increasingly sophisticated, threat actors have also become more creative in order to achieve their end goals. They continue to find new ways to use the technologies most integral to businesses – mobile devices, computers, servers, websites, wifi, and email – as entry points to breach networks for malicious purposes. What more can be done to reduce the risk of...
Penetration Testing
Hacking detected
Video

Combating Ransomware: Building a Strategy to Prevent and Detect Attacks

Mon, 06/01/2020
Forms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works. In this webinar, Bob Erdman and Sandi Moore go in-depth on the ransomware attack cycle,...
Threat Detection
Cloud Security
Video

The Effects of Cloud Migration on IAM, PAM, and Audit

Mon, 06/01/2020
Companies are continually reassessing which cloud infrastructures provide dynamic provisioning for their business units, using the best price points available. Many organizations are jostling between AWS, Google Cloud, and Microsoft Azure offers versus private cloud alternatives like OpenStack. Your business planning team is reviewing annually cost vs efficiencies, and procurement cycles are...
PAM
Security icons
Video

What’s Lurking In Your Network? Uncovering Hidden Access Risks Before It’s Too Late

Mon, 06/01/2020
No matter how buttoned-up your organization is in its identity and access management approach, you may be overlooking one thing that poses a huge risk to your business. Hidden access. Not only does hidden access expose your organization to increased threats, but it magnifies the impact of identity-related risks throughout your entire business. In other words, what you don’t know can hurt you....
IGA