Articles and White Papers

Helpful, provocative, tasty expertise.

ARTICLES
To help you better meet the most pressing security challenges of 2020, let’s take a closer look at seven predictions for the coming year.
by Boaz Gorodissky Co-founder and Chief Technology Officer, XM Cyberr
What if you could see your organization through the eyes of the attacker? The good news is that there are tools that can simulate cyberattacks and help you win this battle.
by XM Cyber Team
What if you could see your organization through the eyes of the attacker? The good news is that there are tools that can simulate cyberattacks and help you win this battle.
by XM Cyber Team
What is a purple team in cybersecurity? A purple team blends the activities of both red and blue teams. The purple team enables both attack and defense to exchange ideas, observations and insights more productively than is possible with the “us vs. them” ethos of the red/blue battles.
by XM Cyber Team
See where the threats are coming from, how they can move within your network, where the vulnerabilities in your defenses are, find them and close them before cyber attackers take advantage.
by GUS EVANGELAKOS
Let’s look at five resolutions that CISOs should consider in order to stay ahead of the game in 2020.
by BOAZ GORODISSKY
As more and more data are migrated to the cloud, new risks emerge making it critical for companies to assess their risk posture and understand how attackers can operate within their cloud environment. Organizations relying on the cloud must now understand how their new hybrid environment can be attacked from on-premise devices that link to cloud data.
by RAZ KOTLER
All assets don’t deserve the same level of protection. The truth is that resources are limited — and strategic assets absolutely require the most attention.
by TAMIR SHRIKI
Non-opportunistic, group-breaching organization in a strategic, long-term manner with clear objectives. They will not easily be deterred until they have achieved what they set out to do.
by XM CYBER TEAM
So how are attackers managing to breach networks and then burrow inside, undetected and undeterred?

Two words: Lateral movement.
by CHRIS FOSTER
what if a technique existed that allowed attackers to evade defense mechanisms while requiring little in the way of adjustments to malicious code?

Let’s take a closer look at this technique and its implications for endpoint security.
by AMIT WAISEL
Breach and attack simulations share seven features that help make this approach one of the most effective for the protection of critical assets.
by GUS EVANGELAKOS
Most banks currently use some automation, but not in the area of breach and attack simulation (BAS). These solutions are a relatively new category of tools that enable organizations to test network security in a risk-free environment.
by XM CYBER TEAM
While APIs help power the modern Web, they have also created a tempting new avenue of attack for enterprising cyber-criminals. Those challenges and conventions that used to work on prem previously don’t apply to cloud infrastructure anymore.
by GUS EVANGELAKOS
XM Cyber has pulled together a few smart steps to improve your IT hygiene .
by AMIT WAISEL
XM cyber takes a closer look at the efficacy of some conventional testing methods, and then explore why a fully automated breach and attack simulation (BAS) solution offers a novel and highly effective approach to testing and security.
by CHRIS FOSTER
By accessing identity, someone outside an organization (or even inside) can gain unfettered access to an organization’s most critical assets. So how should organizations respond to this urgent state of affairs?
by GUS EVANGELAKOS
Shadow IT is the gap between the IT security status, as perceived by the IT department, and the real picture. Here lies the crux of the matter: Hackers often rely on these very network gaps to operate in a stealthy mode and remain undetected under the radar.
by XM CYBER TEAM
“Some 90% of incidents are caused by human error, while 93% could have been prevented if best-practice measures had been followed,”

The bad guys no longer need to waste time and money constructing elaborate new attacks, because they are patient and know they can sneak through companies’ defenses and move laterally from breach points to the “crown jewels” just by taking advantage of poor IT hygiene.
by XM CYBER TEAM
Humans are simply hardwired to be susceptible to an IT security fail. Yet while human nature may be the most significant role in cyber security fails, it’s not the sole reason why incidents occur. Let’s take a closer look at a few, more technical examples of common failure points.
by RICHARD BENIGNO

THINK LIKE A HACKER