Featured Content
-
Mar 08, 2017
Practical PowerShell for IT Security, Part I: File Event Monitoring
Back when I was writing the ultimate penetration testing series to help humankind deal with hackers, I came across some interesting PowerShell cmdlets and techniques. I made the remarkable discovery...
Michael Buckbee
5 min read
-
Feb 24, 2017
Cloudbleed - Cloudflare Unauthorized Data Leak
Cloudflare is a huge internet infrastructure company (5.5 million websites), which means that you likely use them every day that you’re online, without ever realizing it. Depending on what metric...
Michael Buckbee
2 min read
-
Feb 21, 2017
Cybersecurity Laws Get Serious: EU’s NIS Directive
In the IOS blog, our cyberattack focus has mostly been on hackers stealing PII and other sensitive personal data. The breach notification laws and regulations that we write about require...
Michael Buckbee
4 min read
-
Feb 13, 2017
Introducing a new security dashboard, enhanced behavioral analysis, and more
Every day we hear new stories about how our customers are using DatAlert to stop cyberattacks: detecting and disabling ransomware infections, discovering misconfigurations and vulnerabilities, and setting up automatic responses...
Michael Buckbee
1 min read
-
Feb 08, 2017
Binge Read Our Pen Testing Active Directory Series
With winter storm Niko now on its extended road trip, it’s not too late, at least here in the East Coast, to make a few snow day plans. Sure you...
Michael Buckbee
1 min read
-
Jan 27, 2017
Pen Testing Active Directory Environments, Part VI: The Final Case
If you’ve come this far in the series, I think you’ll agree that security pros have to move beyond checking off lists. The mind of the hacker is all about making...
Michael Buckbee
5 min read
-
Jan 20, 2017
Connecting Your Data Strategy to Analytics: Eight Questions to Ask
Big data has ushered in a new executive role over the past few years. The chief data officer or CDO now joins the C-level club, tasked with leveraging data science...
Michael Buckbee
3 min read
-
Jan 17, 2017
Pen Testing Active Directory Environments, Part V: Admins and Graphs
If you’ve survived my last blog post, you know that Active Directory group structures can be used as powerful weapons by hackers. Our job as pen testers is to borrow...
Michael Buckbee
6 min read
-
Jan 12, 2017
How to setup a SPF record to prevent spam and spear phishing
Some things go together like peanut butter and jelly: delicious, delightful and a good alternative to my dad’s “Thai-Italian Fusion” dinner experiments as a kid. When other things are combined...
Michael Buckbee
6 min read
-
Jan 11, 2017
GDPR: Do You Have to Hire a DPO?
I suspect right about now that EU (and US) companies affected by the General Data Protection Regulation (GDPR) are starting to look more closely at their compliance project schedules. With...
Michael Buckbee
3 min read
-
Jan 04, 2017
Pen Testing Active Directory Environments, Part IV: Graph Fun
If we haven’t already learned from playing six degrees of Kevin Bacon, then certainly Facebook and Linkedin have taught us we’re all connected. Many of the same ideas of connectedness...
Michael Buckbee
4 min read
-
Dec 22, 2016
I’m Alan Cizenski, Corporate Systems Engineer at Varonis, and This is How I Work
Alan Cizenski is a Corporate Systems Engineer at Varonis. Based in our New York City office, he is responsible for making sure Varonis solutions work smoothly for our prospective customers....
Michael Buckbee
4 min read