Which firm, company or solution can have the most comprehensive source of threat intelligence? The question should come to your mind when you are shopping for this security matter for any reason. Sources can have different type of data and then convert it to useful information via either active or passive mechanisms to gather intelligence,… Continue reading The Main Source of Cyber Threat Intelligence
The question simply is: Why we do not feel insecure even spending a lot, giant teams of professional and bunch of fancy tools? And the answer simply is: Wrong Direction! As long as one’s going wrong direction, we certainly cannot even imagine being able to reach the destination. How it is possible to reach the… Continue reading Why Folks Are Not Able to Secure Their Network?
Whitelisting has been for sure a relatively standard and sometimes as a hardening security measure but it depends how we implement and maintain it and where it is initially enforced. Whitelisting could be against you if setup at the wrong spot or with inadequate supportive elements. I highly recommend whitelisting behavior rather than whitelisting elements… Continue reading Is Whitelisting a Good Security Practice?
I hope you will find this so obvious but unfortunately security community is highly relied on vulnerability scanning in a way which makes it totally useless or even harmful! Vulnerability assessment is evaluating of a System against known and potential security flaws. A System is simply a collection of processes, workflows, people, nodes, software…but traditional… Continue reading Why Common Vulnerability Scanning Practice is Useless?
There is no silver bullet in any aspect of information security. All the answers like EDR, MFA, SIEM… might get you in a better or worse security posture, it all depends to how you implement and manage but none of them are silver bullet in their area (malware protection, authentication, monitoring…). It is all about… Continue reading No Silver Bullet in Computer Security
Sales pitch force us to worry about things that are not so important; Change your mindset to win the battle! “Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing… Continue reading One Strategy to Win the Cyber-security Battle: Change the Focus!
No doubt that companies struggle with information security these days. Today they spend hundreds of thousand dollars, some millions, tomorrow they realize they have done nothing! Security folks do not have peaceful night sleep, because they know what they have done during the day could easy be compromised! Regardless of why we are spending money… Continue reading Complexity: The Hidden Monster behind Insecurity