A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

October 29, 2024 at 08:03AM Sherlock Holmes’ method of deduction parallels cybersecurity’s exposure validation, which focuses on identifying and prioritizing exploitable vulnerabilities among overwhelming data. This approach enhances security posture by optimizing resources, reducing risks, and ensuring compliance. Automation in validation is crucial for efficiency, enabling organizations to respond effectively to real threats. …

How to Get Going with CTEM When You Don’t Know Where to Start

October 4, 2024 at 06:00AM CTEM is a strategic framework to assess and manage cyber risk, consisting of stages like Scoping, Discovery, Prioritization, Validation, and Mobilization. Implementing CTEM can be complex initially, but understanding the stages and using the right tools can strengthen an organization’s security. XM Cyber offers a unified platform to simplify CTEM …

Normalizing Security Culture: Don’t Have to Get Ready If You Stay Ready

October 2, 2024 at 01:44AM National Cybersecurity Awareness Month in the U.S. encourages annual security education. Employee involvement is crucial to the organization’s security. Human error leads to 68% of breaches and is more common than technical vulnerabilities. The impact of security on an organization’s image and reputation is significant. Regular communication and feedback can …

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China

September 20, 2024 at 08:51AM Threat intelligence company GreyNoise has highlighted a worrying trend involving mass spoofed traffic potentially linked to China. Named Noise Storm, these controlled traffic bursts exhibit diverse characteristics, including their focus on specific internet segments and connection to major Chinese platforms. GreyNoise speculates potential motives for these mysterious activities and emphasizes …

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

September 5, 2024 at 06:03AM The NIST Cybersecurity Framework (CSF), introduced in 2013, provides a voluntary framework to manage cyber risk by organizing and prioritizing security measures into five core functions. The latest version, CSF 2.0, emphasizes continuous improvement, broader enterprise risk management, and proactive cybersecurity. The CSF and Continuous Threat Exposure Management (CTEM) program …

Improved Software Supply Chain Resilience Equals Increased Security

September 3, 2024 at 10:07AM Summary: Software supply chain attacks pose significant challenges to the DevSecOps community, emphasizing the need for improved resilience. Key components include visibility, governance, and continuous deployment. Organizations should focus on understanding their environments in real-time, implementing good governance, and continuously testing and monitoring for vulnerabilities to strengthen their security posture. …

How to identify unknown assets while pen testing

August 27, 2024 at 10:19AM External Attack Surface Management (EASM) bridges gaps in traditional penetration testing, addressing overlooked risks in an organization’s digital defenses. An Informa Tech survey highlights limited coverage and frequency issues of penetration testing, leaving organizations vulnerable to cyber threats. Integrating EASM with Penetration Testing as a Service (PTaaS) provides comprehensive visibility …

The Silver Bullet of MFA Was Never Enough

August 22, 2024 at 06:53AM Recent attacks on high-profile organizations are drawing comparisons to action movies, where the hero triumphs over adversity with a magical solution. Multi-factor authentication (MFA) is seen as a silver bullet, but it’s not foolproof. Social engineering can bypass MFA, and other security measures like passkeys and device posture checks are …

After the Dust Settles: Post-Incident Actions

August 8, 2024 at 11:00AM After a cybersecurity incident, organizations should conduct a thorough review of the attack to understand its timeline, actions taken, and response efficiency. This post-mortem analysis helps in identifying gaps and potential improvements in processes. Sharing incident data and learnings with others in the industry enhances cybercrime prevention. Establishing a timeframe …

Microsoft admits 8.5 million CrowdStruck machines estimate was lowballed

July 29, 2024 at 02:39AM Microsoft acknowledges that its initial estimate of 8.5 million machines affected by CrowdStrike’s software update was likely underestimated. The incident response blog shared insights into the impact measurement process, stressing the limitations of crash reports. Microsoft outlined plans to reduce dependence on kernel drivers and enhance security in collaboration with …