Blogs & Editorials

Stay up to date on cybersecurity

Office 365 is Microsoft Office software as a service. Moving into the cloud opens new attack surface vectors. This eventually allows the attacker to gain access to sensitive data stored on emails, drives, SharePoint sites, and more. Gaining the initial foothold can be achieved from multiple techniques: Password Spraying Credentials stored on GitHub repositories / […]
February 1, 2021
XM Cyber is constantly striving to improve its products and help our clients better protect their most critical assets. As part of this mission, we needed to increase scalability. Ultimately, by migrating to Big Data and Stream Processing, we were able to realize this objective, overcome some challenges — and learn some useful information that […]
January 25, 2021
Humans have always been intrigued by paradoxes and puzzles. The ancient Greeks, from Plato to Plutarch, debated whether if you replaced every plank of a wooden ship with a new plank, would it still be the same ship? Let’s take another puzzle that sometimes gets raised in today’s culture: If everyone is beautiful, is anyone […]
January 21, 2021
Cloud services are booming and adoption continues unabated. That’s a good thing, given that the efficiencies that are attached to cloud computing can unlock value and scalability and make organizations more competitive. There is one significant caveat, however: All of this growth and adoption has created extraordinary complexity and increased risk. Many infrastructure providers offer […]
Tagged under: ,
January 21, 2021
The “New Year’s blog” is an established — if not exactly cherished — tradition in business communication. It’s an opportunity to reflect on the past year and prepare for what lies ahead. This year, however, we at XM Cyber want to get an early jump on our thoughts on cybersecurity for 2021. The latest research […]
Tagged under: , ,
January 20, 2021
Should We Prioritize Detection or Prevention? The XM Factor Is Needed. In 1736, Benjamin Franklin famously advised fire-threatened Philadelphians that “An ounce of prevention is worth a pound of cure.” When considering the recent SolarWinds SUNBURST backdoor attack, which impacted a reported 18,000 United States government agencies and myriad large global corporations, this proverb holds […]
January 20, 2021
A Cybersecurity Vaccine Exists – and It Is 99% Effective. Learn How to Inoculate Your Organization From Attacks in 2021 There’s no sugarcoating it: COVID-19 helped make 2020 a bad year for almost everyone. There is one glaring exception, however — sophisticated hacker collectives. For them, 2020 has been a veritable wonderland of opportunity with […]
January 20, 2021
Penetration tests have always been a bit of a love/hate proposition for most organizational security teams. On one hand, a thorough and rigorous manual test conducted by an experienced team of testers can uncover deeply hidden vulnerabilities that would otherwise fall through the cracks. On the other hand, such tests can take weeks or months […]
January 14, 2021
Convenience vs security — the eternal dilemma… As a part of SecOps or DevOps team, you probably face this dilemma every day >> How to grant a certain user or application precisely the number of permissions they need to run. No more, no less. Principal entities are people or applications that are authenticated using an […]
Tagged under: , ,
December 7, 2020
Why You Need a Cyber Attack Simulation Tool
It’s hardly news to point out that maintaining a strong security posture has never been tougher. Yet how high, truly, are the stakes? Consider this: The average data breach costs organizations roughly $4 million, according to the Ponemon Institute — and could theoretically cost much more Nearly 400,000 new bits of malware are identified daily. […]
Tagged under:
November 24, 2020