Watch this video to learn about Zero Standing Privilege (2:08)
Watch this video to learn about Zero Standing Privilege (2:08)
by Brian Hanrahan, on Sep 23, 2022
Zero Trust is a phrase that evokes a myriad of reactions and definitions. In the vendor marketplace, it’s an often repeated slogan. For organizations, IT departments, and cybersecurity teams, it’s a challenging mountain to climb. To many of our customers, it’s a journey in which they are progressing. At its …
Read Storyby Remediant, on Sep 09, 2022
Multi-factor authentication is now considered table-stakes within cybersecurity but companies struggle to successfully adopt and deploy the technology. Here's why: Cost and technical complexity are often cited as top reasons for deployment failure. With IT budgets and staff pulled in so many different directions, these are significant concerns. Multi-factor authentication …
Read Storyby Raj Dodhiawala, on Sep 01, 2022
Speaking for myself, I unfortunately have developed a sense of apathy to the continuing success of cyberattacks. I don’t care to read beyond the headline that a ransomware attack resulted in a payout. Worse, I am less jarred by the next email from a provider about my personal data being …
Read Storyby Stephen Burgio, on Aug 15, 2022
The MITRE ATT&CK Frameworks highlights Privilege Escalation and Lateral Movement as the 2 of the top 5 attach techniques. We will use the Cisco breach as the most current example of how a "standard attack" plays out by a (likely) human adversary. The steps taken were straightforward (though a bit …
Read Storyby Paul Lanzi, on Jul 12, 2022
The Internet Service Provider, Northcoast Internet, where I got my start working in technology had a number of public-use internet terminals (remember those?!) in the front area of our small office’s storefront. It provided a way for folks without computers — or without their own home internet connection — to …
Read Storyby Tim Keeler, on Jun 20, 2022
Session recording has traditionally been considered one of the core capabilities of a mature Privilege Access Management implementation. The idea is novel - an administrator logs into a jump box/bastion host and that system brokers a connection to the system you're attempting to access. During this "session" it records the …
Read Storyby David Levine, on Apr 26, 2022
A common attack method used today is known as Supply-Chain Attack. A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less-secure elements in their supply chain. Supply-Chain Attacks may not attack your company directly; however, an attack on your organization thru your supply chain …
Read Storyby David Levine, on Apr 05, 2022
Unfortunately for the security industry, this is the second time this month that I am writing about a highly publicized incident that has taken place using elevated credentials and lateral movement. This time the attack was against the identity platform OKTA. I am saddened by these attacks on many levels, …
Read Story