Optiv Blog

Total Cost of 0wn3r$h!p

· By Colby Clark · 0 Comments

It is becoming both difficult and boring to keep up with all of the breaches hitting the headlines these days. It is difficult because of the ever increasing volume and boring because it is generally a rinse and repeat of the same methods of exploitation used again and again across companies.

Continue reading 0 Shares

The Transcendence of Breach Assessments

· By Chris Patten · 0 Comments

This blog post isn’t intended to be a panacea that will resolve past, present and future organization security breaches. That is a tall order many feel is unachievable, whether an accurate statement or not. However, a more focused approach to security and safety can help companies’ vested interests (e.g., employees, intellectual property, physical dwellings and information resources).

Continue reading 0 Shares

Diversionary Tactics 101

· By Jeff Horne · 0 Comments

When organizations are hacked or infected with malware, an important question they ask themselves is, “Who is attacking us?” Understanding an attackers profile gives your organization insight into their motives, tactics, and what they are after. The more you know about them, the more effective your strategy will be.

Continue reading 0 Shares

PCI DSS: The 30-Day Patch Rule

· By Jeff Hall · 0 Comments

Requirement 6.2 of the PCI DSS (6.1 in v2) has always created a lot of consternation and discussion. For those of you that have forgotten, requirement 6.2 states: “Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor supplied security patches. Install critical security patches within one month of release.”

Continue reading 0 Shares

One Endpoint Agent to Rule Them All

· By Colby Clark · 0 Comments

As a significant part of my job, I regularly help customers architect and roadmap network, security and investigative technology solutions. At some point in this process, we always get down to the endpoint, looking at what functionality they need and which tools are right for the job. The problem is, there is a great big hole in the endpoint security and investigative space with dozens of vendors chipping away at it from all sides.

Continue reading 0 Shares

How To Survive Breach Failure (Part 3 of 3)

· By Terrence Weekes · 0 Comments

To effectively prepare for the possibility of a breach, it is paramount for your organization to have an effective incident response (IR) plan in place, and then stick to that plan if your organization does become under attack. But even if you successfully navigate through the incident, there are still several moments presented after a breach that are potential failure points for organizations.

Continue reading 0 Shares

How To Survive Breach Failure (Part 2 of 3)

· By Terrence Weekes · 0 Comments

Before an incident occurs , it is important for organizations to have a comprehensive incident response (IR) plan in place. In the chaos that arises during a breach, CISOs and security leaders need to avoid the natural tendency to drift from the established process, and make decisions that align with the formal IR plan.

Continue reading 0 Shares

Building a Security Program from Scratch

· By Michael Robbins · 0 Comments

he unfortunate reality of today’s business world is that information security breaches are an everyday occurrence. A quote that is thrown around in the information security space is “It is not a matter of if you will be breached, but when you will be breached.” In order to help reduce the likelihood of a breach, organizations need to implement adequate controls to secure systems, protect sensitive information, monitor activity and respond to incidents.

Continue reading 0 Shares

How To Survive Breach Failure (Part 1 of 3)

· By Terrence Weekes · 0 Comments

Many organizations have developed security response procedures to satisfy compliance and regulatory requirements; however, when a breach does occur we regularly see organizations making decisions or performing actions that don’t align with the established incident response plan.

Continue reading 0 Shares

Should You UTM?

· 0 Comments

When it comes to security devices, there are a lot more decisions to make than there used to be. Features that used to be market differentiators are now a given even on low-end commodity appliances, homogenizing offerings over the last few years. Market leaders have responded by adding new features and technologies to create what are now often referred to as Unified Threat Management (UTM) or Next-Generation Firewalls (NGFW).

Continue reading 0 Shares
(184 Results)