News|Vendors

What Is the Federal Risk and Authorization Management Program (FedRAMP)?

Robbie Araiza    ·      Thursday, April 6th, 2023 An Introduction to FedRAMP In late 2011, the Office of Management and Budget under the Obama Administration released a memorandum that introduced the Federal Risk and Authorization Management Program (FedRAMP), noting that “[in the two years prior], the Administration worked in close collaboration with the National Institute of […]

What Is the Federal Risk and Authorization Management Program (FedRAMP)? Read More »

The Magical Implementation – It Pays To Advertise

Dana McMullan    ·      Tuesday, April 4th, 2023 A magical and practical series of tips, tricks, and a real-world guide to implementing impactful end user technologies at scale (Based on a Data Classification implementation but applicable to most large End User Impact implementations) Preface Dana McMullan is founder of Pasteboard Consulting, LLC specializing in End User

The Magical Implementation – It Pays To Advertise Read More »

3CXDesktopApp Backdoored in a Suspected Lazarus Campaign  

Table of Contents Introduction The attack involved a compromised version of the 3CX VoIP desktop client, which was used to target 3CX’s customers. The compromised 3CX application is a private automatic branch exchange (PABX) software and is available for Windows, macOS, Linux, Android, IOS and Chrome. Currently, there are reports of attacks for both Windows

3CXDesktopApp Backdoored in a Suspected Lazarus Campaign   Read More »

ACSC Essential 8 Cybersecurity Strategies, Maturity Levels, and Best Practices

Table of Contents Originally published in 2017 as an evolution of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents, the Australian Cyber Security Centre (ACSC) Essential 8 (E8) consists of a set of strategies that can make it harder for threat actors to compromise a firm’s cybersecurity defenses. This blog examines specific aspects

ACSC Essential 8 Cybersecurity Strategies, Maturity Levels, and Best Practices Read More »

Tackling the Challenge of Actionable Intelligence Through Context

Recognition of the importance of threat intelligence has been building for years. But it has taken center stage as the acceleration of digital transformation and the shift to hybrid work models have expanded the attack surface, and geopolitical events have raised the stakes for defenders to protect critical infrastructure and sensitive data. Government leaders are

Tackling the Challenge of Actionable Intelligence Through Context Read More »

A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface

Table of Contents Web applications reign the internet universe, but also bring new risks that let attackers poke holes in an ever-expanding attack surface.  Stolen credentials have been the historical culprit. Recent analysis saw a spike in exploits targeting web applications directly through specially-crafted attacks against vulnerable source code. According to Verizon in their most recent

A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface Read More »

Custom Data Collection & Enhanced Monitoring for IT Service Teams | Riverbed

The principle of IT Service Management is to enable better Service Delivery by focusing on how IT teams can manage the end-to-end delivery of IT services to not only their users, but their customers as well. While Alluvio Aternity can support IT teams in meeting their goals by providing out of the box real-time visibility

Custom Data Collection & Enhanced Monitoring for IT Service Teams | Riverbed Read More »

What Is the Cybersecurity Maturity Model Certification (CMMC)?

Robbie Araiza    ·      Thursday, March 2nd, 2023 What Is the Cybersecurity Maturity Model Certification (CMMC) and Who Does It Apply To? The Cybersecurity Maturity Model Certification (CMMC) is a comprehensive assessment framework and certification program launched by the Department of Defense to protect the Defense Industrial Base (DIB) from increasingly frequent and complex cyberattacks. It

What Is the Cybersecurity Maturity Model Certification (CMMC)? Read More »