All Articles

Penetration testing, often referred to as "pen testing" or "ethical hacking," is a cybersecurity assessment technique used to evaluate the security of computer systems, networks, applications, or other digital environments. The primary purpose of pen

According to latest Threat Intelligence, 80% of the times, Ransomware gets initial access using Top 3 Attack Vectors:
1. Exploiting Vulnerabilities
2. Shadow IT & Stolen Credentials
3. Various Variants Of Phishing Attacks
This webinar covers 6 most c

There are many approaches to conduct a strategic cybersecurity risks assessment.  This is one of my favorite ways, using a Threat Agent Risk Assessment (TARA) methodology. 

This paper was authored by Tim Casey, David Houlding, and I while we were at I

Incident Lifecycle Management : Threat Management - NIST Aligned Process

Incident Lifecycle Management (ILM) refers to the systematic process of handling and managing security incidents within an organization. It involves the entire lifecycle of a

We are excited for the next ‘Best Of The World’ Session On "What's Hot For State CISOs In 2023?" by Dan Lohrmann (Field CISO, Presidio), Danielle Cox (CISO, West Virginia) & Michael Gregg (CISO, North Dakota)

The 'Best Of The World' Series features

Ever wonder what kinds of things happen when good-intentioned people try to manage cybersecurity?  Well, in this case, a High School in Illinois responded to a system error by resetting every student’s password and then communicating it to all the pa

This webinar covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for pre

Overview of Incident Response

Incident response is a critical aspect of any organization's cybersecurity strategy. When a security incident occurs, it is crucial to have a well-defined plan in place to handle the situation effectively. This blog pos

We are excited for the next ‘Best Of The World’ Session On "Understanding Cloud Attack Vectors" by Moshe Ferber (Cloud Security Expert, Frequent Speaker at Defcon, Blackhat, RSAC APJ)

The 'Best Of The World' Series features the world's best securit

Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ

This webinar covers various aspects, including the rise in cyber security incidents, identification of vulnerabilities and loopholes, effective prevention strategies, mitigation techniques, and more. It aims to provide a comprehensive understanding o

We are excited for the next ‘Best Of The World’ Session On "How To Create Scalable And Sustainable Cybersecurity Program For Any Size Organization" by Gordon Rudd, (Ex-CISO RCB Bank | Author | Coach)

The 'Best Of The World' Series features the worl

Over 18 years, RSAC Innovation Sandbox contest brings cybersecurity's new innovators to put the spotlight on their potentially game-changing ideas. Each year, 10 finalists grab the spotlight for a three-minute pitch while demonstrating groundbreaking

We had a community webinar on "From Chaos To Control : Lessons Learned From The Ransomware Attack". We discussed the importance of cybersecurity and the growing threat of ransomware attacks. Described the specific incident we experienced, highlightin