All posts in Security Content Sharing

Brinqa customers are creating a new breed of cyber risk intelligence programs by making vulnerability management a central focus of their efforts.

These programs take vulnerability management effectiveness to a new level, by introducing automation at every step of the process – whether it is integration and correlation of data from multiple sources, prioritization of vulnerability and asset risks, creation and management of tickets based on optimal remediation strategies, or representation and distribution of real-time metrics and KPIs. By extending these core capabilities to additional sources of security data – asset inventory, network management, web application scanning, BC/DR, policy compliance, IDS/IPS, change and configuration management, directory services, SIEM, etc. – these programs are providing security analysts, business owners and executives with actionable insights that were previously unattainable.

Presented at the Cyber Security Summit Boston – November 8, 2017. Highly targeted, low volume spear phishing – or business email compromise (BEC) – attacks that impersonate executives and business partners to trick employees are the biggest cyber threat organizations face today.  This is not news. But what may come as a surprise is that the vast majority of these imposter attacks are preventable.  According to Gartner, Secure Email Gateways are struggling to address social engineering attacks with no payload, but things are changing.  New email authentication technology can now surpass people and process initiatives to proactively protect email channels, while also removing the guesswork for users.

For decades, and as a best practice, companies have purchased point security products in the name of prevention. Today’s growing threat surfaces coupled with the sophistication of attacks has, however, led us to a point where breaches are now inevitable. From the boardroom to the security operations team, organizations must change their mindset away from prevention toward data forensics in support of fast and accurate incident response.

Presented at the Cyber Security Summit Boston – November 8, 2017. You have lots of security-related data, and it’s not all created equal. Effective threat hunting and incident response require you to pivot quickly and efficiently between the low- and high-fidelity data that exists across firewalls, intrusion prevention systems, security information event management platforms, flow collectors, etc. Understanding the common data elements across these disparate systems allows your team to efficiently pivot from low fidelity data used for rapid root-cause analysis to high-fidelity data that can be a means of conviction.

Presented at the Cyber Security Summit Boston – November 8, 2017. Your organization is valuable, and the cyber criminals know it. Malicious actors constantly attempt to exploit users for privileged access to your enterprise network. Recognizing the anomalous network behavior that occurs when threats breach traditional security architecture is very difficult. Flow and metadata collection from your existing network coupled with Network Traffic Analytics delivers powerful and actionable insight into network and security incidents.

North Korea: The Cyber Wild Card 2.0   by Rhea Siers

Cyber Enhanced Sanction Stratégies: Do Options Exist?   By Mark Peters