Optiv Blog

Operationalizing a Cyber Threat Intelligence Solution

· By Danny Pickens · 0 Comments

Cyber threat intelligence is a process required to make action-oriented, judgement-based decisions that are not otherwise possible. Optiv recommends considering four essential attributes of threat agents mapped back to a security posture, as well as six essentials courses of action, known as threat modeling, in order to properly produce, consume and act upon cyber threat intelligence.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 17

· By Jackson Byam · 0 Comments

For all functional roles in the organization prioritizing those mission critical to the business and its security, identify the specific knowledge, skills, and abilities needed to support defense of the enterprise; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organizational planning, training, and awareness programs.

Continue reading 0 Shares

Is an Effective Vulnerability Management Program in Your Future?

· By John Ventura · 0 Comments

The sad truth about penetration tests is that they are almost always successful in demonstrating dramatic security events. Even junior assessors can go from minimal access, below the level of most employees, and gain administrative domain credentials for an internal corporate network.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 16

· By Adam Schindelar · 0 Comments

Actively manage the lifecycle of system and application accounts – their creation, use, dormancy, deletion – in order to minimize opportunities for attackers to leverage them.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 15

· By Steven Darracott · 0 Comments

The processes and tools used to track, control, prevent and correct the security use of wireless local area networks (LANs), access points and wireless client systems.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 14

· By Joshua Platz · 0 Comments

The processes and tools used to track/control/prevent/correct secure access to critical assets (e.g., information, resources, and systems) according to the formal determination of which persons, computers, and applications have a need and right to access these critical assets based on an approved classification.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 13

· By Joshua Platz · 0 Comments

Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

Continue reading 0 Shares

Using Deception Systems to Augment SIEM

· By Derek Arnold · 0 Comments

Many times, it can take large enterprises hundreds of days to detect security breaches. Worse yet, with in several recent instances, organizations have been notified of a breach by government agencies, or other third parties. Where does SIEM fit in as a detective control?

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 12

· By Joshua Platz · 0 Comments

Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

Continue reading 0 Shares

MSSQL Agent Jobs for Command Execution

· By Nicholas Popovich · 0 Comments

The primary purpose of the Optiv attack and penetration testing (A&P) team is to simulate adversarial threat activity in an effort to test the efficacy of defensive security controls. Testing is meant to assess many facets of organizational security programs by using real-world attack scenarios.

Continue reading 0 Shares
(55 Results)