-
Cybersecurity Incident Response: Three Lessons from Uber’s Story
December 15, 2017, Doug Hudson, Senior Director, Cyber Risk Advisory, Coalfire
The recent news regarding the Uber breach has captured the attention of both the public and legislators. It seems that Uber’s security team discovered a breach, paid a ransom, and didn’t report the matter to company leaders, law enforcement, personnel, or customers.
Read more
-
Deploying and Troubleshooting Compliance Baselines
December 11, 2017, Kyle Snavely, Senior Consultant, Cyber Engineering, Coalfire
If you are in the IT space, you’ve most likely encountered or are bound by some form of regulation/framework such as PCI, HIPAA, FISMA, and/or CGIS. Most of these compliance programs require a hardened baseline to be implemented within your information systems to reduce the risk and impact of an adverse security event. In this post, we’ll take a brief look at building a hardened baseline, examine some tools to assist in a phased approach to deployment, and discuss some common issues that may arise from deploying a system hardening regime.
Read more
-
She Powers Tech
December 01, 2017, Jennifer Tonisson, Partner Marketing Manager, Technology & Cloud, Coalfire
November 28th at the Venetian in Las Vegas, AWS re:INVENT held an important session that could shape the future of technology. The sold-out session, SHE POWERS TECH: Women Supporting Women in Tech, filled a ballroom with 500 women in technology and a few men who were interested in the topic. The impressive line-up of speakers included women in a wide variety of technological fields spanning automotive engineering to technology in fashion.
Read more
-
How Next-Generation Firewall Platforms Help Protect Your Perimeter at Each Stage of the Cyber Kill Chain*
November 16, 2017, Mark Bedell, Senior Consultant, Cyber Engineering, Coalfire
Whether you need to upgrade your firewalls on-premise or in the cloud, next-generation firewalls (NGFWs) can significantly reduce the risks associated with the modern threat landscape. Since attacks have evolved using techniques such as encryption, polymorphism, etc., firewalls have also evolved to protect against some of the most sophisticated attacks. Whether they are deployed as physical appliances or virtual machines, these firewalls are not only “application aware,” but they have become complete threat intelligence managers guarding you against known and zero-day threats.
Read more
-
News and Updates from the PCI Europe Community Meeting
November 06, 2017, Sam Pfanstiel, Solution Principal, PCI, Coalfire
In September, Hurricane Irma forced the PCI SSC to cancel the North America Community Meeting; and the uncertainty of Catalonian independence from Spain may have led some to stay home from the Europe Community Meeting held in Barcelona last week. Nevertheless, the Coalfire team was well-represented in Barcelona. Because there were so many valuable updates, we offer this summary to keep you informed of these important developments in the world of PCI.
Read more