Malware prevention is a very hot topic due to the recent ransomware attacks that have completely crippled several companies and organizations. For most smaller companies, being able to hire a…
Hybrid IT presents SecOps challenges. The Department of Defense (DoD) has long been at the tip of the spear when it comes to successfully melding IT security and operations…
“The price of reliability is the pursuit of the utmost simplicity.” C.A.R. Hoare, Turing Award lecture. Software and computers in general are inherently dynamic and not of a state…
How to use network configuration, change, and compliance management (NCCCM) and other monitoring software in response to an actual security breach. If you have not read part one, I would suggest that…
Why network configuration, change, and compliance management (NCCCM) is a must. Inspired by former Citibank employee sentencing. We’ve all heard horror stories about the disgruntled employee who pillages the office supply…
Here’s an interesting article from my colleague Joe Kim, in which he offers suggestions to reduce cybersecurity vulnerabilities. Agencies should focus on the basics to protect against attacks. The government’s…
In the final blog of this series, we’ll look at ways to integrate Windows event logs with other telemetry sources to provide a complete picture of a network environment. The…
Over the last three posts, we’ve looked at Microsoft event logging use cases and identified a set of must-have event IDs. Now we’re ready to put our security policy in…
Last year, the White House issued an Executive Order designed to strengthen cybersecurity efforts within federal agencies. The EO requires agencies to adhere to the National Institute of Standards and…
Anyone who has looked at the number of event IDs assigned to Windows events has probably felt overwhelmed. In the last blog, we looked at some best practices events that…