How to Combat Advanced Persistent Threats

Imagine the following Security Operations (SecOps) scenario. A large organization conducts regular audits of its security controls. It monitors a collection of intrusion detection appliances and uses Artificial Intelligence (AI) tools to search for anomalies in network traffic. After six months, during which nothing significant appears to have happened, the organization becomes aware of a […]

Did you just create a paradise for hackers? – Part 2

Why Shadow IT is the oxygen supply for APTs & what can you do to cut it off? The Use Case of Reverse RDP This is the second post of the series highlighting real life APT attacks examples (you can find the first post here). This post covers another real-life scenario we have experienced at one […]

Breach and Attack Simulation – Know Your Enemy

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” ― Sun Tzu, The Art […]

Jiu-Jitsu training and Red/Blue teaming… How are they the same?

I am super passionate about Jiu-Jitsu and InfoSec. I have been involved in InfoSec for 18 years, and Jiu-Jitsu for 10. So how am I drawing the similarities between these two art forms? Both are based on the concept of – offense and defense.  In Jiu-Jitsu, you need to have a good offense along with […]

What is proactive cyber defense?

Cybercrime is obstructing business and governments worldwide. No longer just an IT problem, it is the biggest threat to organizations’ reputation and business continuity. Research shows 54% of organizations experienced one or more attacks that compromised data or their infrastructure, and only a third of organizations believe they have adequate resources to manage security effectively. […]

All Ahead Full… Bureaucracy: The DoD’s New “Do Not Buy” Software List

Another day, another head scratcher from the DoD regarding cyber security policies. BleepingComputer.com reported on July 30 that the Department of Defense (DOD) has been quietly developing a “Do Not Buy” list of companies known to use Chinese and Russian software in their products.    

These are the 61 most innovative startups in the world

Innovation doesn’t just belong to Silicon Valley — it comes from everywhere. That’s the message from the World Economic Forum sent with its annual list of the most innovative companies in the world. The list includes 61 early-stage companies whose technologies are “world changing.” They’re from, yes, Silicon Valley, but there are also several from […]