Optiv Blog

Agile and Proactive Security Assessments of AWS Cloud Deployments

· By Daniel Brennan ·

Most companies have security personnel, but their expertise in the cloud may be limited. To have a team of highly trained AWS security experts on staff is a bit of a rarity. Yet, security in the cloud is often paramount to the success of the organization. As a result, organizations often call Optiv to assess the current state of their AWS implementations and report on security findings. We often find that the first hurdle to overcome is not technical in nature but related to developing trusted partnerships within the organization. We and our clients are able to do our best, and better achieve the businesses’ unique objectives, when we are tightly aligned.

Continue reading

Managing Custom Roles in Azure

· By Mike Hanson ·

While using Azure role-based access controls, Microsoft provides a set of built-in roles to meet the needs of providing least privileges. These roles work sometimes and you can add users/groups to multiple roles, but often times they do not define what you are using for roles of your architects, engineers, administrators, developers, and others. If these built-in roles provide too much access for individuals in certain roles, you can create custom roles that you can manage.

Continue reading

Quick Tips for Building an Effective AppSec Program – Part 3

· By Shawn Asmus ·

This is the last post in my series on creating an effective AppSec program within your organization. In my last post, we discussed the importance of toolchains, defect tracking, and establishing vulnerability management processes to help your AppSec and development teams stay on top of remediation efforts in an efficient and programmatic way. In this post, we’ll spend some time exploring how to enable the various stakeholders across the organization, how to measure the effectiveness of your AppSec program, the importance of a knowledge management system, and application runtime protection. So let’s get started.

Continue reading

Phishing - The Rest of the Story

· By Ken Dunham ·

Receiving an email lure designed to trick you into clicking a phishing link and then logging into a fake website has become a common threat. In this blog we look into how to dive deeper into the threat to move from reactive to proactive. These tactics help a company zoom in on specific threats that are common or repeated against them from both opportunistic and targeted attacks.

Continue reading

Transforming Logs and Alerts into Actionable Intelligence with UEBA Functionality

· By Jacob Bolm, Woodrow Brown ·

For information security practitioners, the stored value in security data can reduce both costs and risk. The progression of the treatment of log data is a testament to the recognition of this value. Computer logging facilities began as a first-in-first-out (FIFO) rolling buffer with a finite capacity. Organizations then moved to log management programs where log data was aggregated and stored. Next, Security Information and Event Management (SIEM) systems were put in place. Today, User and Entity Behavior Analytics (UEBA) solutions are at the forefront of unlocking the value of data and a growing number of companies are turning to UEBA to help solve their security challenges.

Continue reading

Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM

· By Mitch Powers ·

I talk with IT executives regularly and have noticed a trend across industries that is concerning. While the threat of a data breach looms large on the horizon, IT leaders consistently appear to address the threat with a "wall building" focus. Certainly, protecting resources from unlawful entry is necessary and valuable, but what about the threat from within?

Continue reading

Observations on Smoke Tests – Part 3

· By Raina Chen ·

While attending one of our technology partner’s security training courses, the instructor presented on their product’s various features and capabilities. Some of the discussion centered around application and vulnerability management. As a consultant who mainly focuses on security testing, these features seemed rather useless to me. The importance of application vulnerability management was not revealed until I gained career experience with larger, global enterprise clients.

Continue reading

Getting Started with Postman for API Security Testing: Part 1

· By Rushyendra Reddy Induri ·

Postman is a useful tool used by many developers to document, test and interact with Application Programming Interfaces (APIs). With the ubiquity of APIs in mobile, web and other applications, Postman can be a useful tool for a security tester or developer to evaluate the security posture of the API. Part 1 of this blog series is to provide the basics of using Postman, explaining the main components and features.

Continue reading

Quick Tips for Building an Effective AppSec Program – Part 2

· By Shawn Asmus ·

In my last blog post, I talked about what an application security (AppSec) program is and how an organization would go about building a formal program to secure their internally-developed applications, as well as third-party applications they have or will be deploying. I touched on the importance of creating an application catalog, aligning with one of several industry AppSec frameworks, and having a solid understanding of your application architecture, that, together, can form the necessary foundation for a formal program.

Continue reading

Thoughts on Breach of Trust vs. a Breach of Security

· By Peter Gregory, James Robinson ·

General thought: A breach of trust is different than a breach of security. Trust and security, while related, are very different from each other. In recent years, we have seen information security continuing to be defined with strong frameworks, guidelines, and support from regulators to security offices, while the concept of “trust” has just begun to emerge. In recent years we have seen Offices of Trust being defined in companies with the role of Chief Trust Officer.

Continue reading
(662 Results)