Optiv Blog

Intelligence Bulletin – India Hiring Proxy

· By gTIC ·

On June 4, 2018, Optiv gTIC Human Intelligence (HUMINT) cell contacted an India-based individual providing interview-proxy services for job applicants in the US and elsewhere. The individual provided details of his services, pricing structure, areas of expertise, as well as a link to his Google Drive where he stored videos of previous interviews as a “proof-of-concept” of his services. This type of service is assessed to be common practice and poses a risk to information security organizations due to the risk of unqualified candidates being improperly hired.

Continue reading

Skills Gap – Hiring When There’s No People

· By Optiv ·

While part of the solution to a robust and complete security program is security automation and orchestration (SAO), do not forget that hackers are human and therefore require white hat humans to think like them. There’s no way to remove human hands to help solve it. But this creates the other problem: Finding the right people with the right cyber security skills during a much-lamented skills shortage.

Continue reading

Employees’ Contribution to Breach of Trust

· By Peter Gregory ·

This is a follow up article to our earlier blog post, Thoughts on Breach of Trust vs. Breach of Security. In his Optiv blog article, Mitch Powers stated that 1 in 5 employees would be willing to sell their password to an outside party. Is this a potential contributor to a breach of trust between organizations? Could such employees be identified prior to or during employment?

Continue reading

Getting Started with Postman for API Security Testing: Part 2

· By Rushyendra Reddy Induri ·

Postman is a useful tool used by many developers to document, test and interact with Application Programming Interfaces (APIs). This post will explore a couple of use cases for security testing, such as using data-driven tests (Postman Collection Runner) for parameter fuzzing and using the Postman Sandbox JS execution (Pre-request Script) environment for Hashed Message Authentication Code (HMAC) Header Implementation.

Continue reading

We Want Robots to Do (Part of) Our Job

· By Woodrow Brown ·

The job of an information security analyst today is rife with repetitive, sometimes mundane tasks that are performed based on the analyst’s best practices. The operations team as a whole doesn’t have it much better. Over the course of budget cycles, organizations have acquired new tools, new solutions and new platforms. Many are fully functional, some haven’t yet been deployed and very few are integrated with the rest of the security infrastructure.

Continue reading

Security Operations Efficiency is Not Gained Through a Patchwork of Expensive Security Tools

· By Todd Weber ·

Cloud, mobile, social media, IoT and big data have profoundly expanded the attack surface in the latest cyber super cycle, and it’s no surprise organizations continue to increase the number of tools in their security infrastructure. Also no surprise is the amount of cyber security spending growing at over a 29% CAGR yet organizations are barely keeping up with the increasing threat landscape.

Continue reading

Russian Information Operations: Understanding One of the Most Prolific of Threat Actors

· By Courtney Falk ·

Today’s businesses are underestimating the enemy. A lack of knowledge about threat actors, and their intent, as well as an inability to thwart them has left businesses at risk. The ability to see things from the eyes of the enemy can help organizations understand threat actor intent and, therefore, build stronger cyber resilience. Optiv is launching a new resource to help readers obtain a clearer view of the current cyber security landscape from the perspective of threat actors.

Continue reading

Agile and Proactive Security Assessments of AWS Cloud Deployments

· By Daniel Brennan ·

Most companies have security personnel, but their expertise in the cloud may be limited. To have a team of highly trained AWS security experts on staff is a bit of a rarity. Yet, security in the cloud is often paramount to the success of the organization. As a result, organizations often call Optiv to assess the current state of their AWS implementations and report on security findings. We often find that the first hurdle to overcome is not technical in nature but related to developing trusted partnerships within the organization. We and our clients are able to do our best, and better achieve the businesses’ unique objectives, when we are tightly aligned.

Continue reading

Managing Custom Roles in Azure

· By Mike Hanson ·

While using Azure role-based access controls, Microsoft provides a set of built-in roles to meet the needs of providing least privileges. These roles work sometimes and you can add users/groups to multiple roles, but often times they do not define what you are using for roles of your architects, engineers, administrators, developers, and others. If these built-in roles provide too much access for individuals in certain roles, you can create custom roles that you can manage.

Continue reading

Quick Tips for Building an Effective AppSec Program – Part 3

· By Shawn Asmus ·

This is the last post in my series on creating an effective AppSec program within your organization. In my last post, we discussed the importance of toolchains, defect tracking, and establishing vulnerability management processes to help your AppSec and development teams stay on top of remediation efforts in an efficient and programmatic way. In this post, we’ll spend some time exploring how to enable the various stakeholders across the organization, how to measure the effectiveness of your AppSec program, the importance of a knowledge management system, and application runtime protection. So let’s get started.

Continue reading
(46 Results)