Chad Kime Avatar
  • command shell hack

    Why You Need to Tune EDR to Secure Your Environment

    Endpoint detection and response (EDR) solutions typically deploy in a standard configuration meant to deliver the least number of false positive alerts in a generic environment. This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations […]

  • Cybersecurity hacker

    MFA Advantages and Weaknesses

    Not everyone adopts multi-factor authentication (MFA) to secure their accounts. Many stick with simple username and password combinations despite the weaknesses of this authentication method. Yet if someone wanted to enable MFA, which option should they use? Each MFA option suffers vulnerabilities and creates user friction, so IT managers need to select the MFA option […]

  • Azure AD hack

    10 Top Active Directory Security Tools

    Identity management plays a critical role in every IT security strategy. Microsoft’s identity and access management tools dominate the enterprise market, with more than a 50% market share between Active Directory (AD) for Windows and Azure servers. And that makes Active Directory a frequent target for hackers. Despite the wide adoption, AD’s native interface can […]

  • Cybersecurity hacker

    APT Attacks & Prevention

    A company that discovers that an advanced persistent threat (APT) attack is underway tends to be the exception. Attackers design APTs to be subtle, persistent, and to remain undetected for as long as possible. And they tend to succeed at remaining undetected. The average “dwell time” – the period between infiltration and detection – has […]

  • hacker

    Data Deletion Methods: What’s Best for Sensitive Data?

    Users may believe that when they delete a file on their hard drive, the document no longer exists. However, IT professionals understand that the data itself may remain. Yet even experienced IT professionals may not understand the differences between different types of hard drive file erasure, data overwrite standards, or when those methods might fail […]

  • industrial and medical security

    Three Ways to Protect Unfixable Security Risks

    How can a hospital protect an MRI machine with an unchangeable password and still connect it to the network? How can an industrial recycler safely secure its $400,000 hard drive recertification rack with control software that only runs on Windows XP? These are not uncommon risks. The devices themselves can’t be secured, but that doesn’t […]

  • Server security SPA

    Hiding Devices Using Port Knocking or Single-Packet Authorization (SPA)

    Invisibility sounds like something out of a fantasy novel, but if done properly, we can use it to hide computers, gateways, or individual PCs by implementing specific firewall techniques like port knocking or single-packet authorization (SPA). The effectiveness of the technique has a lot in common with the traditional fantasy concept of invisibility and will be […]

  • SIEM tutorial

    SIEM Explained: What is SIEM and How Does it Work?

    Security information and event management (SIEM) technology provides foundational support for threat detection. The high costs of SIEMs once made them feasible only for larger enterprise clients, but they have become more reasonable solutions for smaller organizations over time. While a properly configured SIEM can provide effective threat protection, misuse of SIEM technology can increase […]

  • SIEM management

    Implementing and Managing Your SIEM Securely: A Checklist

    Some companies use cloud-based security information and event management (SIEM), and others use SIEM that has been installed in a local data center. These on-premises SIEMs can be run on Windows Servers, Linux Servers, and within virtual machines (VMs) or containers. While the security vulnerabilities for each of these instances will be unique and highly […]

  • ransomware victim

    5 Good Reasons to Hire a Ransomware Recovery Expert

    Spending money you hadn’t budgeted to hire experts to clean up an unexpected mess is at the bottom of every manager’s wish list, but in the case of a cyber attack as damaging as ransomware, turning incident response over to a pro may be the best thing you can do. Let’s examine five key reasons […]

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis