SECURETARGET

Category: Security Tools

  • zero-trust: reselling old under a different name

    the market has been acting as a reseller since late 90’s. we simply resell an old solution under a different shiny name again and again. one of the best examples is zero trust. with all noises around this concept, poor desperate companies waiting to resolve their security issues, or perhaps thirsty budgets waiting to find…

  • Does AI help us in security operations?

    it does but only if it is originated from a intelligent programmer. AI is as smart as the people who did its modeling. an artificial intelligence cannot be more intelligent than its origination. presuming AI will be helping us securing cyberspace is like presuming we will have a accurate Accounting system or flawless GL just…

  • *DR

    security community has been certainly obsessed with creating a new acronym every day instead of focusing on techniques and enhancing what is already there. basically we do not even try to enhance any thing, we just need to understand definitions and satisfy what has already been stated. XDR is one of those things now particularly…

  • having something vs doing something

    There is a difference between knowing the path and walking the path, right? just because I have something, does not mean I know something, or I do something. just because there are technologies, software or tools for a thing, let’s say GDPR compliance metrics, patch management, ITIL platforms, vulnerability scanning, application security testing…and so on,…

  • The Main Source of Cyber Threat Intelligence

    Which firm, company or solution can have the most comprehensive source of threat intelligence? The question should come to your mind when you are shopping for this security matter for any reason. Sources can have different type of data and then convert it to useful information via either active or passive mechanisms to gather intelligence,…

  • Is Whitelisting a Good Security Practice?

    Whitelisting has been for sure a relatively standard and sometimes as a hardening security measure but it depends how we implement and maintain it and where it is initially enforced.  Whitelisting could be against you if setup at the wrong spot or with inadequate supportive elements. I highly recommend whitelisting behavior rather than whitelisting elements…

  • Monitoring: The Forgotten Discipline

    Monitoring: The Forgotten Discipline

    The Myth of “Proactive” Every company claims to be proactive. They buy dashboards, automate alerts, and call it visibility. But visibility without interpretation is just noise. And noise is the enemy of monitoring. These days, the market is full of tools that promise prediction. None deliver it. They only record symptoms faster. What You Actually…

  • No Silver Bullet in Computer Security

    No Silver Bullet in Computer Security

    There is no silver bullet in any aspect of information security. All the answers like EDR, MFA, SIEM… might get you in a better or worse security posture, it all depends to how you implement and manage but none of them are silver bullet in their area (malware protection, authentication, monitoring…). It is all about…

  • One Strategy to Win the Cyber-security Battle: Change the Focus!

    Sales pitch force us to worry about things that are not so important; Change your mindset to win the battle!   “Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing…

  • Tools vs. Techniques

    Operations fail by focusing on tool rather than technique! In context of information technology, with all primary operations like Systems administration, Patching and updating, Backup and replication, Malware protection…and all related sub-tasks, focus on Tools is an enemy of the process! Defining, developing or choosing a technique in advance is crucial to an IT operation.…