As we wrap up 2018 and move into 2019, it is valuable to take a look back and review the lessons learned from the breaches, evolutions, and developments in cybersecurity. We will be coming out with our 2018 year-in-review and 2019 outlook soon, however, we thought we would give you a bit of a preview […]

Read more

Last week Marriott International breach resulted in over 500 Million compromised records. These records contained personal and private information of individuals across the globe as well as corporate information.  Undoubtedly, those of us who had their information stolen should expect phishing messages designed to steal more information or compromise your computers.  So it is important […]

Read more

This morning news publications across the country reported that Marriott International, the largest hotel chain in the world, suffered a massive data breach affecting over 500 million customers. It is highly likely that this breach impacted your organization or your employees.  It appears that hackers breached the Starwood International reservations site and the breach was […]

Read more

Identifying and choosing a managed security service provider (MSSP) can be time consuming and difficult.  At their core many are very similar, but how do you narrow down your selection and find the one that is right for you and your organization? Among the myriad of criteria you should evaluate, here are five key questions […]

Read more

Traditionally, security operations have been largely driven by known indicators and rules that generate alerts, looking for attacks occurring within a pre-set correlation time window.  Security Analysts continue today to grapple with accurate identification and correlation of attacker activity over time. Risk Weighted Event Score Threshold (RWEST) is the most popular correlation algorithm that performs […]

Read more

Ransomware has consistently been one of the most prolific, destructive, and concerning cyber threats of the last many years. We have seen cities brought to their knees by SamSam, a global rapid outbreak of WannaCry, and even destructive malware masqueraded as ransomware in NotPetya. Ransomware, it may seem, has no plans to go away anytime […]

Read more

Vulnerability data comes in two flavors – scan data generated from vulnerability scanning and vulnerability disclosures from vendors. Both data sets are highly valuable in threat analysis and security operations as they direct us and focus us to look for specific threats that are highly relevant to the enterprise. Vulnerability Scanning Data When a vulnerability […]

Read more

Far too often information security is treated like a necessary evil. Infosec does not generate revenue, there is no guarantee that a major breach will occur, and it costs a lot of money.  We often observe that frequently companies do not take information security seriously until after a breach has already occurred. When executives and […]

Read more

Supply infiltration and exploitation by hackers was brought, yet again, to the forefront this week as Bloomberg reported that China successfully compromised nearly 30 companies through a supply chain attack that has been ongoing since at least 2015.  This is the 2nd major attack in as many years – the first being the NotPetya attack […]

Read more

The latest version of Advanced Threat & Log Analysis Service (ThreatWatch) Version 5.02 is now available to all customers. “Customer feedback continues to be a big factor in our product development”, according to Peter Bybee, CEO of Security On-Demand. “Many of the new enhancements were driven by customer input around supporting custom reports, improved threat […]

Read more