In the era of digital transformation, businesses are increasingly relying on cloud computing to enhance efficiency, flexibility, and scalability. However, as organizations migrate their sensitive data and critical applications to the cloud, the risk of security breaches becomes a paramount concern. This blog explores various types of cloud vulnerabilities and security threats that could lead to a cloud security breach, providing real-world examples and current solutions. (1) Data Breaches and Inadequate Access Controls: Vulnerability: ... Read More
About Katherine KostrevaThis author has not yet filled in any details.
So far Katherine Kostreva has created 165 blog entries.
Hello, and welcome back to this next TomCast from GuardSight, an Iron Bow Technologies company; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we’re going to discuss training. A rather broad topic, but some ideas that should be thought about when approaching this topic within your various organizations and industries. How do you all approach training? Does your organization look at it ... Read More
Group Policy Discovery Adversaries may gather information on Group Policy settings to identify paths for privilege escalation, security measures applied within a domain, and to discover patterns in domain objects that can be manipulated or used to blend in the environment. Group Policy allows for centralized management of user and computer settings in Active Directory (AD). Group policy objects (GPOs) are containers for group policy settings made up of files stored within a predictable network ... Read More
GuardSight partner Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities. Surefire Cyber provides clients confidence by helping them prepare, respond, and recover from cyber incidents—and to fortify their cyber resilience after an incident. Billy Gouveia, CEO and Founder of Surefire Cyber, weighs in on company solutions, trends in the education industry, and challenges faced by stakeholders: How does ... Read More
Supply Chain Compromise Adversaries may manipulate products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise can take place at any stage of the supply chain including: Manipulation of development tools Manipulation of a development environment Manipulation of source code repositories (public or private) Manipulation of source code in open-source dependencies Manipulation of software update/distribution mechanisms Compromised/infected system images (multiple cases of removable ... Read More
Hello, and welcome back to this next TomCast from GuardSight, an Iron Bow Technologies company; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Ok, over the past couple of TomCasts we have discussed disaster recovery and business impact analysis. We’re going to tie these parts of organizational resilience together today with the business continuity plan. What is a business continuity plan? Well, just ... Read More
In an era marked by relentless technological advancements and increasingly sophisticated cyber threats, organizations face the daunting challenge of maintaining cybersecurity compliance. It is imperative for business leaders to understand how the landscape of cybersecurity regulations and compliance requirements is evolving rapidly. In this blog post, we delve into the intricacies of this dynamic landscape, providing advanced insights and strategies to help organizations navigate the changing terrain while bolstering their overall security posture. The ... Read More
In today's digital landscape, organizations are increasingly adopting cloud-native technologies to accelerate innovation and achieve greater agility. The shift to cloud-native environments, characterized by containerization, serverless computing, and microservices, has brought significant benefits. However, it has also introduced complex security challenges that require advanced strategies to protect sensitive data and applications. In this blog post, we will delve into the world of cloud-native security and explore advanced techniques and best practices for safeguarding your ... Read More