Cyber Security Blog

A well written security policy lets employees know what is and isn't allowed within your organization. Without clearly defined policies...

SIEM is a powerful tool to analyze large volumes of logs for security events and for generating automated alerts. Without a SIEM...

Logs contain the footsteps of hidden enemies working to compromise your environment. In this sixth article in our series on the top security controls...

It only takes one misconfigured host for an attacker to gain access to your environment. Implementing a strategy for securely configuring the hosts in your environment is critical to protecting your organization. In this fifth article in our series on the top security controls...

Admin privileges are the keys to your kingdom, insufficient protection increases the likelihood of a hacker using them against you. In this fourth article in our series on the top security controls...

Managing the vulnerabilities that exist in your environment is a crucial step in securing your organization. In this third article in our series on the top security controls...

Maintaining an up-to-date inventory of software assets is a crucial step in securing your organization. In this second article in our series on the top security controls...

Maintaining an up-to-date inventory of hardware assets is a crucial first step in securing your organization. In this first article in our series on the top security controls...

What characteristics do you need in your passwords to make it difficult for criminals to defeat?

Why would criminals bother exploiting your hosts if they can walk right in with a poor password?

Most successful breaches are executed by adversaries following a similar methodology. Understanding that methodology is key to a successful defense.

A staggering 90% of successful network breaches are caused by user error. Have you done enough to mitigate this risk at your organization?

Preventive security solutions like, anti-virus and firewalls are not enough. Without detection, you won't know how or when your security controls are failing...

Phishing is widely considered the largest threat to companies in 2019. What is it? And how can we mitigate the risk...

Cut through the endless amount of information and snake oil and read how you can prioritize where to start securing your organization from...

Carefully analyzing major security breaches provides insight on where things commonly go wrong. These three factors are always present...

A new phishing tool was released which allows hackers to monitor victims as they shop or send emails. Here's how it works, and how you can protect users who visit your...

A security risk assessment is a crucial step for mitigating the cyber security risks in your organization. Without identifying and addressing the risks in your environment, you have no chance to prevent a catastrophic...

This simple but effective URL spoofing trick can fool even the most security conscious users into believing they are on a legitimate website...

What is DNS and DNS Spoofing? Security Engineer and Co-Founder Michael Wetherald gives a basic explanation of DNS and how it can be spoofed in order to...

What is ARP and ARP Spoofing? Security Engineer and Co-Founder Michael Wetherald gives a basic explanation of ARP and how it can be spoofed in order to...