Varonis Blog | All Things Data Security

Michael Buckbee

Michael has worked as a sysadmin and software developer for Silicon Valley startups, the US Navy, and everything in between.

Showing 353 results

Data Security

Oct 08, 2015

Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells

Last week I broke into a Windows 2008 server and inserted a remote access trojan or RAT. Don’t call security, I did this in a contained environment within virtual machines....

Michael Buckbee

4 min read
Data Security

Sep 30, 2015

Penetration Testing Explained, Part II: RATs!

Remote Access Trojans or RATs are vintage backdoor malware. Even though they’ve been superseded by more advanced command-and-control (C2) techniques, this old, reliable malware is still in use. If you...

Michael Buckbee

3 min read
Privacy & Compliance

Sep 23, 2015

Penetration Testing Explained, Part I: Risky Business

In most of the security standards and regulations that I’ve been following there’s typically a part titled Risk Assessment. You can find this requirement in HIPAA, PCI DSS, EU GDPR,…

Michael Buckbee

3 min read
Active Directory

Sep 21, 2015

Active Directory Security Best Practices

Active Directory Security should be a top priority of any organization. Read on to learn why AD is so important and how to protect yourself from cyber attacks.

Michael Buckbee

4 min read
Data Security

Sep 16, 2015

Five Things You Need to Know About the Proposed EU General Data Protection Regulation

European regulators are serious about data protection reform. They’re inches away from finalizing the General Data Protection Regulation (GDPR), which is a rewrite of the existing rules of the road...

Michael Buckbee

3 min read
Data Security

Sep 01, 2015

Windows 10 Authentication: The End of Pass the Hash?

It gets gnarly, but the LSASS address space is now really, really separated from other user processes so that apps like Mimikatz can’t peek into it.

Michael Buckbee

3 min read
Data Security

Aug 14, 2015

Why Law Firms Should Care About Data Security

An alarming 70% of large firm attorneys do not know if their firm has been breached, according to a recent American Bar Association (ABA) survey conducted by the ABA’s Legal...

Michael Buckbee

3 min read
Data Security

Jul 21, 2015

What is User Behavior Analytics?

There’s nothing new in using analytics in data protection or breach prevention. Firewalls, for example, analyze packet contents and other metadata, such as IP addresses, to detect and block attackers...

Michael Buckbee

8 min read
Data Security

Jun 26, 2015

How Varonis Helps with PCI DSS 3.1

The Payment Card Industry Data Security Standard (PCI-DSS) 3.1 is a set of regulations that govern how organizations manage credit card and other cardholder data. Many security professionals advocate that...

Michael Buckbee

1 min read
Active Directory

Jun 25, 2015

Difference Between Organizational Units and Active Directory Groups

Active Directory loves hierarchy. Domains, Organizational Units, groups, users, etc. Sometimes it can be confusing—how do I best structure my AD?

Michael Buckbee

2 min read
Data Security

May 06, 2015

How to Create a Good Security Policy

CIOs have taken note of the nightmarish scenarios data breaches can bring – remember Sony and Target? To combat this ticking time bomb, they’ve beefed up their security budgets. The Computer...

Michael Buckbee

2 min read
Data Security

May 06, 2015

SSL and TLS 1.0 No Longer Acceptable for PCI Compliance

The PCI Council released version 3.1 of their Data Security Standard (DSS), stating that SSL and TLS 1.0 can no longer be used after June 30, 2016.

Michael Buckbee

1 min read

...

24 25

27 28

...

SECURITY STACK NEWSLETTER

Join 400K+ security pros. Get threat research and cybercrime news sent right to your inbox.

Explore Additional Resources

Guide

AWS Best Practices Guide

White Paper

The Attacker's Playbook

Report

Sample Data Risk Assessment

Case Study

How Bradshaw International Reined in Permissions and Reduced Their M365 Blast Radius With Varonis

Case Study

How a Healthcare Org Enhances its Salesforce Security Posture With Varonis

Case Study

How Varonis Helps an Energy Company Safeguard Critical Data in AWS and M365

On-demand video

State of Cybercrime:
Salt Typhoon Telecom Attack

On-demand video

State of Cybercrime:
Midnight Blizzard

On-demand video

State of Cybercrime:
ChatGPT Manipulation + More

Ready to see the #1 Data Security Platform in action?

“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”

Michael Smith, CISO, HKS

"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."

Deborah Haworth, Director of Information Security, Penguin Random House

“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”

Al Faella, CTO, Prospect Capital

Get a demo

Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells

Penetration Testing Explained, Part II: RATs!

Penetration Testing Explained, Part I: Risky Business

Active Directory Security Best Practices

Five Things You Need to Know About the Proposed EU General Data Protection Regulation

Windows 10 Authentication: The End of Pass the Hash?

Why Law Firms Should Care About Data Security

What is User Behavior Analytics?

How Varonis Helps with PCI DSS 3.1

Difference Between Organizational Units and Active Directory Groups

How to Create a Good Security Policy

SSL and TLS 1.0 No Longer Acceptable for PCI Compliance

SECURITY STACK NEWSLETTER

Ready to see the #1 Data Security Platform in action?

Ready to see the #1 Data Security Platform in action?