Oct 14, 2020 | Cybersecurity, Incident Response, Information Security, NIST 800-53, Risk Management
September is National Preparedness Month and October is National Cybersecurity Awareness Month, which makes it a great time to review your organization’s disaster preparedness strategy. Implementing a contingency plan for a natural disaster could be the difference...
Sep 17, 2020 | Cybersecurity, Information Security, REDSEC
What is Threat Hunting? Threat hunting is the process of proactively searching through environments and networks to detect and isolate advanced threats that were not discovered by traditional security solutions. Threat hunting assumes that the environment is already...
Sep 11, 2020 | Cybersecurity, Information Security, REDSEC
What is Cyber Threat Intelligence? Cyber Threat intelligence is information that is used to identify and understand cyber threats to an organization. This intelligence is used to identify threats that could be a risk to an organization and make informed decisions to...
Aug 28, 2020 | Cybersecurity, Incident Response, Splunk
This is part 1 of a 4 part of CrowdStrike Managed Detection and Response (MDR) series. The very first thing you should know about managed detection and response (MDR) providers is that the best service can only exist with the best technology. What I mean by that, is...
Aug 19, 2020 | Cybersecurity, Incident Response, Splunk
What is a SIEM? Security Information and Event Management (SIEM) is a broad term that encompasses software, appliances, and managed services that combine security information management and security event management. These services include the ability to aggregate...
Jul 28, 2020 | Compliance, Cybersecurity, ISO27001
Who Needs ISO 27001? Every day we hear from organizations being asked if they are 27001 compliant and what they need to do to become compliant. The ISO 27001 standard provides a very well-rounded assessment to prove you have an effective information security...
Apr 23, 2020 | Cybersecurity
What is TrickBot? TrickBot was originally developed in 2016 as a Windows banking trojan intended to capture Personally Identifiable Information (PII) to commit fraud. TrickBot primarily used spear-phishing as an attack vector to target high-level corporate executives...
Jun 24, 2019 | Cybersecurity, Penetration Testing, Tenable, Vulnerability Scanning
By: Justin Fimlaid What is an Exim server? An Exim server is a mail transfer agent used on Linux like operating systems. Exim is a free software and used by as much as 57% of the Internet email servers. Over the past couple weeks it has been noted that a heavy amount...
Jun 17, 2019 | Cybersecurity, Information Security, ISO27001
By: Justin Fimlaid What does it mean when ISO 27001 references an ISMS? An ISMS stand for Information Security Management System. This essentially means that it is a programmatic structure that allows you to build a security framework and controls specific to and...
Jun 10, 2019 | Cybersecurity, Penetration Testing, Vulnerability Scanning
By: Justin Fimlaid What is SHA-1 and what is the history of SHA-1? Originally SHA-1 was developed as part of a U.S. government capstone project. The first version of SHA was SHA-0 and that was developed in 1993 as the Secure Hash Standard. SHA-0 was originally...