Threat modeling frameworks and methodologies


Threat modeling is a process by which organizations can shift their security approach from reactively plugging exploits to proactively and systematically understanding and addressing potential threats in the design stage. This process identifies potential threats to the system, data/asset exposure, logical/architectural vulnerabilities, and relevant security controls to help evaluate security decisions, serve as a guide... Continue Reading →

Advertisements

Unpatched vulnerabilities; Is it problem worth solving?


Enterprise today are investing in world class security products and do hire talented workforce to keep their business assets safe from any attack vectors. According to IBM XForce Threat Intelligence Index 2019, the growing attack surface and rising risk in organization today are vulnerability remediation and effective patch management. Security leaders wanting their security operations... Continue Reading →

Application visibility is key for data center micro segmentation


Micro segmentation is key for zero-trust network Micro segmentation divides a network at a granular level, allowing organizations to tailor security settings to different types of traffic and create policies that limit network and application flows to those that are explicitly permitted. It allows security teams the flexibility to apply the right level of protection... Continue Reading →

Importance of security operational metrics and reports


Enterprise today has limited security resources and are strive to ensure the confidentiality, availability and integrity of data. The cost of securing operational assets and data is an important consideration. Each enterprise must find ways to balance between managing risk and cyber security expenditures. Role of measurements and metrics in security operation center Measurements tend... Continue Reading →

Cyber Threat Intelligence Sources


On Feb 12, 2015, US president sign an Executive Order to encourage and promote sharing of cybersecurity threat information within the private sector and between the private sector and government. Rapid information sharing is an essential element of effective cybersecurity, because it enables companies to work together to respond to threats, rather than operating alone.... Continue Reading →

Revolutionary threat hunting platform for massive data


A global platform for analyzing enterprise security telemetry Enterprises today has security systems in place, often including network security devices such as firewalls, SIEMs, IDS, secure web gateways, network anomaly behavior, deception, packet capture, and endpoint security devices such as EDR technologies, email security, encryption technologies, etc.. Together, these solutions generate massive amount of telemetry... Continue Reading →

Blog at WordPress.com.

Up ↑

%d bloggers like this: