2023 – Page 3 – Tales from a Security Professional

Can you piece back the puzzle of the timeline?

Sooner or later, the environment you are responsible for will be hit by a security incident. Small or big. But no matter how significant the incident is, the high-level steps to remediate the incident are the same. Identification, containment, eradication, and post-mortem. And each of these steps has one thing in common. The timeline. In order to contain the incident, you need to find both Patient Zero and Moment Zero. Most people are familiar with the term Patient Zero. But what is Moment Zero?

April 22, 2023

Management / Security Operation Center

Judgment day: are you ready for it?

If you are a security professional, you know this day is coming. The day the security is breached. And you think you have all the relevant processes and procedures in place. Let’s zoom out a little bit. According to NIST, a security incident has five distinct phases: identification, containment, eradication,...

March 26, 2023

Security Operation Center / Threat Intelligence

Do you have an effective cyber hunting team?

In cybersecurity, everything is evolving rapidly. It is an ongoing battle between adversaries and defenders. And the terrible thing is, the defenders indeed drew the short end of the stick. They need to defend against any type of threat while the adversary has the time and can sharpen and perfect his threat. Therefore, the logical question is ‘How do you keep up with the developments of the adversaries?’

March 12, 2023

Management / Vulnerability Management

Are you really remediating all the discovered vulnerabilities?

According to an article published by PcMag, LastPass was breached in 2022 by a 3-year-old vulnerability! You would expect that a security vendor is remediating all discovered vulnerabilities swiftly. But that on its own raises a few questions. Questions like ‘Do you really scan all your assets?’ and ‘Do you really track remediation efforts?’. These are questions that every CISO/Security Manager should be asking its vulnerability scanning team. But is it that simple?

March 5, 2023