Optiv Blog

Using Micro-Segmentation to Protect Your Data – Part 2

· By Rob Brooks · 0 Comments

While micro-segmentation, software-defined networking (SDN) and software-defined data center (SDDC) technology providers VMWare, Cisco and Amazon Web Services provide the core foundation of the space, other technologies that integrate and enrich the space exist. These include firewalls, enhanced workload visibility and automated deception/incident response (IR) capabilities. Some of these products natively integrate into the core providers’ technology stack while others integrate through the use of agents or software within each host.

Continue reading 0 Shares

What Is SSL Web Inspection and Where Should It Occur? (Part 3)

· By David Cardwell · 0 Comments

In parts one and two of this blog series, I provided an overview of SSL web inspection, and dove deeper into how SSL inspection solutions work and metrics that can be put in place to measure effectiveness. In this third and final post of the blog series, I will discuss the benefits and downsides of SSL inspection, and how to put a plan in place for your organization.

Continue reading 0 Shares

What Is SSL Web Inspection and Where Should It Occur? (Part 2)

· By David Cardwell · 0 Comments

Hardware will vary between vendors and even different models within a vendor’s catalog. Some models/vendors will offload complex CPU tasks (decryption/encryption) to dedicated CPUs while some models/vendors will use software, but they rely on the same hardware that non-encrypted traffic shares. That being said, cloud content filtering solutions remove the need for sizing equipment to decrypt SSL traffic since the inspection is done within the provider’s environment.

Continue reading 0 Shares

What Is SSL Web Inspection and Where Should It Occur? (Part 1)

· By David Cardwell · 0 Comments

SSL inspection is the process of “proxying” a SSL session in order to decrypt the traffic and monitor/inspect it against various controls. Network traffic is increasingly going over encrypted channels, and the investments organizations have made in network security and monitoring solutions are becoming less and less effective since they can’t see inside an encrypted payload. Consequently, network and security teams are becoming increasingly more blind to what is on, coming into and leaving the network.

Continue reading 0 Shares

Using Micro-Segmentation to Protect Your Data – Part 1

· By Rob Brooks · 0 Comments

As software-defined networking (SDN) technologies have become more prevalent and organizational perimeters have become blurred, micro-segmentation is emerging as a critical requirement for protecting the data within these virtualized environments. Micro-segmentation is a security concept that allows for the separation and protection of virtualized, core data center components.

Continue reading 0 Shares

Critical Infrastructure Security

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

The United States Department of Homeland Security identifies 16 critical infrastructure sectors whose assets, systems and networks—whether physical or virtual—are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on national security, economic security, public health and safety, or any combination thereof.

Continue reading 0 Shares

KRACK - What you need to know about Key Reinstallation AttaCKs

· By Matthew Eidelberg, Steven Darracott, Charlie Koehler, Josh Wyatt · 0 Comments

On Monday, October 16, researchers announced the discovery of several vulnerabilities within the wireless protocol WPA and WPA2. The details of these vulnerabilities—dubbed KRACK—have not been disclosed in full to the public, as researchers only released a whitepaper and a video outlining the vulnerabilities.

Continue reading 0 Shares

From the Boardroom to the Breakroom: Cyber Security in the Workplace

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

Key steps to cyber security in the workplace include establishing and maintaining a “security culture” in which company networks and the data they hold are protected from internal and external risk. Top-tier executives must show a commitment to the process by encouraging responsible use of company IT systems, meaningful participation in cyber security awareness and training programs, and protection from current cyber threats.

Continue reading 0 Shares

Online Safety - Simple Steps

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

From cyber bullying to obtaining personal and sensitive information through phishing campaigns, harm lurks in many corners of the Internet. With a few simple steps, anyone connected can improve their personal security, making their online activities safer.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 20

· By Joshua Platz · 0 Comments

Test the overall strength of an organization’s defenses (the technology, the process and the people) by simulating the objectives and actions of an attacker.

Continue reading 0 Shares
(173 Results)