Latest articles
Cybersecurity Laws Get Serious: EU’s NIS Directive
Feb 21, 2017
In the IOS blog, our cyberattack focus has mostly been on hackers stealing PII and other sensitive personal data. The breach notification laws and regulations that we write about require...
Introducing a new security dashboard, enhanced behavioral analysis, and more
Feb 13, 2017
Every day we hear new stories about how our customers are using DatAlert to stop cyberattacks: detecting and disabling ransomware infections, discovering misconfigurations and vulnerabilities, and setting up automatic responses...
Binge Read Our Pen Testing Active Directory Series
Feb 08, 2017
With winter storm Niko now on its extended road trip, it’s not too late, at least here in the East Coast, to make a few snow day plans. Sure you...
Pen Testing Active Directory Environments, Part VI: The Final Case
Jan 27, 2017
If you’ve come this far in the series, I think you’ll agree that security pros have to move beyond checking off lists. The mind of the hacker is all about making...
Connecting Your Data Strategy to Analytics: Eight Questions to Ask
Jan 20, 2017
Big data has ushered in a new executive role over the past few years. The chief data officer or CDO now joins the C-level club, tasked with leveraging data science...
Pen Testing Active Directory Environments, Part V: Admins and Graphs
Jan 17, 2017
If you’ve survived my last blog post, you know that Active Directory group structures can be used as powerful weapons by hackers. Our job as pen testers is to borrow...
How to setup a SPF record to prevent spam and spear phishing
Jan 12, 2017
Some things go together like peanut butter and jelly: delicious, delightful and a good alternative to my dad’s “Thai-Italian Fusion” dinner experiments as a kid. When other things are combined...
GDPR: Do You Have to Hire a DPO?
Jan 11, 2017
I suspect right about now that EU (and US) companies affected by the General Data Protection Regulation (GDPR) are starting to look more closely at their compliance project schedules. With...
Pen Testing Active Directory Environments, Part IV: Graph Fun
Jan 04, 2017
If we haven’t already learned from playing six degrees of Kevin Bacon, then certainly Facebook and Linkedin have taught us we’re all connected. Many of the same ideas of connectedness...
I’m Alan Cizenski, Corporate Systems Engineer at Varonis, and This is How I Work
Dec 22, 2016
Alan Cizenski is a Corporate Systems Engineer at Varonis. Based in our New York City office, he is responsible for making sure Varonis solutions work smoothly for our prospective customers....
Ransomware: Legal Cheat Sheet for Breach Notification
Dec 21, 2016
You respond to a ransomware attack in many of the same ways you would to any other cyber attack. In short: have plans in place to analyze the malware, contain...
Pen Testing Active Directory Environments, Part III: Chasing Power Users
Dec 16, 2016
For those joining late, I’m currently pen testing the mythical Acme company, now made famous by a previous pen testing engagement (and immortalized in this free ebook). This time around...
Try Varonis free.
Deploys in minutes.