Optiv Blog

We Want Robots to Do (Part of) Our Job

· By Woodrow Brown ·

The job of an information security analyst today is rife with repetitive, sometimes mundane tasks that are performed based on the analyst’s best practices. The operations team as a whole doesn’t have it much better. Over the course of budget cycles, organizations have acquired new tools, new solutions and new platforms. Many are fully functional, some haven’t yet been deployed and very few are integrated with the rest of the security infrastructure.


Security Operations Efficiency is Not Gained Through a Patchwork of Expensive Security Tools

· By Todd Weber ·

Cloud, mobile, social media, IoT and big data have profoundly expanded the attack surface in the latest cyber super cycle, and it’s no surprise organizations continue to increase the number of tools in their security infrastructure. It is also no surprise that cyber security spending is growing at over a 29% CAGR, yet organizations are barely keeping up with the increasing threat landscape.


Agile and Proactive Security Assessments of AWS Cloud Deployments

· By Daniel Brennan ·

Most companies have security personnel, but their expertise in the cloud may be limited. To have a team of highly trained AWS security experts on staff is a bit of a rarity. Yet, security in the cloud is often paramount to the success of the organization. As a result, organizations often call Optiv to assess the current state of their AWS implementations and report on security findings. We often find that the first hurdle to overcome is not technical in nature but related to developing trusted partnerships within the organization. We and our clients are able to do our best, and better achieve the businesses’ unique objectives, when we are tightly aligned.


Managing Custom Roles in Azure

· By Mike Hanson ·

For Azure role-based access control, Microsoft provides a set of built-in roles to help meet least-privilege needs. These roles sometimes work, and you can add users and groups to multiple roles, but oftentimes they do not match the roles you actually use for your architects, engineers, administrators, developers, and others. If the built-in roles provide too much access for individuals in certain roles, you can create custom roles that you can manage.


Quick Tips for Building an Effective AppSec Program – Part 3

· By Shawn Asmus ·

This is the last post in my series on creating an effective AppSec program within your organization. In my last post, we discussed the importance of toolchains, defect tracking, and establishing vulnerability management processes to help your AppSec and development teams stay on top of remediation efforts in an efficient and programmatic way. In this post, we’ll spend some time exploring how to enable the various stakeholders across the organization, how to measure the effectiveness of your AppSec program, the importance of a knowledge management system, and application runtime protection. So let’s get started.


Phishing - The Rest of the Story

· By Ken Dunham ·

Receiving an email lure designed to trick you into clicking a phishing link and then logging into a fake website has become a common threat. In this blog we look into how to dive deeper into the threat to move from reactive to proactive. These tactics help a company zoom in on specific threats that are common or repeated against them from both opportunistic and targeted attacks.


Transforming Logs and Alerts into Actionable Intelligence with UEBA Functionality

· By Jacob Bolm, Woodrow Brown ·

For information security practitioners, the stored value in security data can reduce both costs and risk. The progression of the treatment of log data is a testament to the recognition of this value. Computer logging facilities began as a first-in-first-out (FIFO) rolling buffer with a finite capacity. Organizations then moved to log management programs where log data was aggregated and stored. Next, Security Information and Event Management (SIEM) systems were put in place. Today, User and Entity Behavior Analytics (UEBA) solutions are at the forefront of unlocking the value of data and a growing number of companies are turning to UEBA to help solve their security challenges.


Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM

· By Mitch Powers ·

I talk with IT executives regularly and have noticed a trend across industries that is concerning. While the threat of a data breach looms large on the horizon, IT leaders consistently appear to address the threat with a "wall building" focus. Certainly, protecting resources from unlawful entry is necessary and valuable, but what about the threat from within?


Observations on Smoke Tests – Part 3

· By Raina Chen ·

While attending one of our technology partner’s security training courses, the instructor presented on their product’s various features and capabilities. Some of the discussion centered around application and vulnerability management. As a consultant who mainly focuses on security testing, these features seemed rather useless to me. The importance of application vulnerability management was not revealed until I gained career experience with larger, global enterprise clients.


Getting Started with Postman for API Security Testing: Part 1

· By Rushyendra Reddy Induri ·

Postman is a useful tool used by many developers to document, test and interact with Application Programming Interfaces (APIs). With the ubiquity of APIs in mobile, web and other applications, Postman can be a useful tool for a security tester or developer to evaluate the security posture of the API. Part 1 of this blog series provides the basics of using Postman, explaining the main components and features.
