Optiv Blog

Operationalizing a Cyber Threat Intelligence Solution

· By Danny Pickens · 0 Comments

Cyber threat intelligence is a process required to make action-oriented, judgement-based decisions that are not otherwise possible. Optiv recommends considering four essential attributes of threat agents mapped back to a security posture, as well as six essentials courses of action, known as threat modeling, in order to properly produce, consume and act upon cyber threat intelligence.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 17

· By Jackson Byam · 0 Comments

For all functional roles in the organization prioritizing those mission critical to the business and its security, identify the specific knowledge, skills, and abilities needed to support defense of the enterprise; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organizational planning, training, and awareness programs.

Continue reading 0 Shares

Cloud Networking... The Preferred Choice for The Future

· By Benjamin Wilson · 0 Comments

As our universe becomes more robust and, its inhabitants become increasingly more aware of the stability of WAN, it is most certain that the future will produce an environment fixed upon cloud networking. Cloud networking. The time has arrived for us to get more acquainted with hearing that terminology used.

Continue reading 0 Shares

Is an Effective Vulnerability Management Program in Your Future?

· By John Ventura · 0 Comments

The sad truth about penetration tests is that they are almost always successful in demonstrating dramatic security events. Even junior assessors can go from minimal access, below the level of most employees, and gain administrative domain credentials for an internal corporate network.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 16

· By Adam Schindelar · 0 Comments

Actively manage the lifecycle of system and application accounts – their creation, use, dormancy, deletion – in order to minimize opportunities for attackers to leverage them.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 15

· By Steven Darracott · 0 Comments

The processes and tools used to track, control, prevent and correct the security use of wireless local area networks (LANs), access points and wireless client systems.

Continue reading 0 Shares

Re-Assessing the Devices on your Guest Wireless Network...

· By William F. Carr · 0 Comments

Has your "Guest" Network become the defacto landing place for pseudo-production devices? I shared an insightful discussion with a customer recently who mentioned that although their "Guest" Wireless LAN was deployed specifically for true Guests, that it has become the fastest path to deploy devices that cannot perform 802.1X authentication, do not belong to the organization or are otherwise unmanaged, and require Internet (or worse Internal) Network access for specific applications.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 14

· By Joshua Platz · 0 Comments

The processes and tools used to track/control/prevent/correct secure access to critical assets (e.g., information, resources, and systems) according to the formal determination of which persons, computers, and applications have a need and right to access these critical assets based on an approved classification.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 13

· By Joshua Platz · 0 Comments

Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

Continue reading 0 Shares

Using Deception Systems to Augment SIEM

· By Derek Arnold · 0 Comments

Many times, it can take large enterprises hundreds of days to detect security breaches. Worse yet, with in several recent instances, organizations have been notified of a breach by government agencies, or other third parties. Where does SIEM fit in as a detective control?

Continue reading 0 Shares
(67 Results)