How the MITRE ATT&CK Framework Enhances Cloud Security

How the MITRE ATT&CK Framework Enhances Cloud Security

MITRE ATT&CK™ is a framework consisting of several tactics to help businesses regain control of their security systems. ATT&CK—short for adversarial tactics, techniques, and common knowledge—is a knowledge base consisting of the different strategies adversaries use to exploit your systems based on observations of real cyber attacks. MITRE launched the framework in 2013 to “document common TTPs that advanced persistent threats use against Windows enterprise networks.” The corporation gathered information on the various threats plaguing…

Read More

Security Culture Matters when IT is Decentralized

Security Culture Matters when IT is Decentralized

Decentralized structures can give organizations powerful agility and speed up the deployment of new technologies. But the cost of decentralization is that it’s hard to ensure decisions are made consistently and with all the right considerations in mind—which is a very real problem when it comes to security. Fifty-six percent of CISOs in EY’s 2021 Global Information Security Survey said their teams are consulted late or not at all when company leaders make time-sensitive strategic…

Read More

Email Security Best Practices for Phishing Prevention

Email Security Best Practices for Phishing Prevention

Organizations understand the importance of protecting sensitive information and avoiding a data breach. However, security teams are struggling to contain phishing attacks. Security risks increase due to the inability to view and successfully filter email threats, accurately differentiate between marketing and phishing emails, and apply a multi-layered email security approach with rules to holistically track traffic and stop malicious actions in real life. This article explores email security best practices to defend against phishing attacks…

Read More

Will Cloud-Native Network Security Oust Cloud Firewalls?

Will Cloud-Native Network Security Oust Cloud Firewalls?

Advanced application and workflow security Trend Micro Cloud One – Network Security applies IPS/IPDS (intrusion prevention system/ intrusion prevention detection system) with state-of-the-art machine learning algorithms and a virtual patching approach to bring a secure workflow to your organization. This approach allows aggregated logs and information from every component of your application to be efficiently monitored and vetted. Cloud-native applications need advanced tools and approaches that traditional cloud firewalls with limited scopes don’t typically offer….

Read More

7 Cyber Attack Vectors & How to Protect Them

7 Cyber Attack Vectors & How to Protect Them

7 Cyber Attack Vectors & How to Protect Them Risk Management The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial attack vendors and provides proactive security tips to help you reduce cyber risk across the attack surface. By: Jon Clay November 15, 2022 Read time:  ( words) Digital transformation and remote work have rapidly expanded the attack surface. As the collection of applications, websites,…

Read More

4 Types of Cyber Crime Groups

4 Types of Cyber Crime Groups

The adage “teamwork makes dreamwork” extends to cybercriminals as well. To launch more successful cyberattacks, malicious actors with different specialized skills have conglomerated to form Cybercrime as a Service (CaaS). We’re now seeing people and groups specialize in various parts of the attack lifecycle. This means that we’re likely going to see less mistakes made leading to detections, and we should expect multiple groups colonizing an infected network. Within CaaS there are four types of…

Read More

Hybrid Cloud Management Security Tools

Hybrid Cloud Management Security Tools

Learn more about cloud security by joining Trend Micro at AWS re:Invent fromNov. 28 – Dec. 2 The accelerated shift to the cloud was mostly borne out of necessity due to the influx of remote workers and changing customer demands requiring more business agility. According to Forrester, 94% of US enterprise infrastructure decision makers are using at least one type of cloud deployment. While there is a push to be cloud-native, the reality is that…

Read More

Are My Containers Affected by the New OpenSSL Vulnerabilities?

Are My Containers Affected by the New OpenSSL Vulnerabilities?

On October 25th it was announced to the world that the OpenSSL project team would release OpenSSL version 3.0.7 to fix a critical security issue that affected all OpenSSL 3 versions the day after Halloween, November 1st. Many of us security folk, while trick-or-treating with our kids, were confronted with the fear of not only spooky Halloween decorations and costumes but of understanding what this vulnerability mean to the security of our applications? Asking ourselves,…

Read More

Improve Post-Quantum Cryptography Security with CSPM

Improve Post-Quantum Cryptography Security with CSPM

Quantum computing might just save us all from destruction. By solving complex and intricate problems that even supercomputers couldn’t unravel, this super computational system has the propensity to wipe out disease and famine. But, like many advancements in technology, it’s not without its challenges. And quantum computing risk lies directly within the cryptography space. Cryptography provides security through various encryption and decryption techniques. This ensures the secure transaction of data and authentication of users for…

Read More

Guide to Better Threat Detection and Response

Guide to Better Threat Detection and Response

Not all threats originate at the endpoint. According to Verizon’s 2022 Data Breach Investigations Report, web applications and email are the top two vectors for breaches. XDR enables you to detect compromised accounts sending internal phishing emails, whereas native email security tools typically only monitors for malicious emails being delivered externally. XDR will also sweep mailboxes for IoCs in real time. With this information, the SOC can investigate who else received the email as well…

Read More
1 4 5 6 7 8 17