About Katherine Kostreva

So far Katherine Kostreva has created 68 blog entries.

TomCast XXXI: EDR and XDR Solutions

2022-06-29T00:18:15+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are going to discuss EDR and XDR solutions, mainly surrounding what the acronyms stand for and how these types of solutions benefit organizations. I will not be calling out or recommending any specific EDR or XDR products; this is just an overview to ...


GSPBC-1052: Defense Evasion – Impair Defenses

2022-06-28T23:54:29+00:00

Impair Defenses

Adversaries may maliciously modify components of a victim environment in order to hinder or disable defensive mechanisms. This not only involves impairing preventative defenses, such as firewalls and anti-virus, but also detection capabilities that defenders can use to audit activity and identify malicious behavior. This may also span both native defenses as well as supplemental capabilities installed by users and administrators. Adversaries could also target event aggregation and analysis mechanisms, or otherwise disrupt ...


GuardSight Partners with Cyber Insurance Program, SeedPod Cyber

2022-06-15T01:34:20+00:00

GUARDSIGHT PARTNERS WITH CYBER INSURANCE PROVIDER TO HELP CLIENTS SECURE THE BEST TERMS

GuardSight has partnered with SeedPod Cyber, a cyber insurance program designed to help clients understand and secure cyber insurance. By special arrangement between GuardSight and SeedPod Cyber, SeedPod has aligned its underwriting criteria with the tech stack GuardSight offers. Clients with specific security features in place are pre-approved for coverage with savings of up to 30%. SeedPod developed its exclusive program ...


GSPBC-1051: Exfiltration – Exfiltration Over Physical Medium

2022-06-14T21:43:27+00:00

Exfiltration Over Physical Medium

Adversaries may attempt to exfiltrate data via a physical medium, such as a removable drive. In certain circumstances, such as an air-gapped network compromise, exfiltration could occur via a physical medium or device introduced by a user. Such media could be an external hard drive, USB drive, cellular phone, MP3 player, or other removable storage and processing device. The physical medium or device could be used as the final exfiltration point ...


TomCast 30: Cybersecurity as a Service (CSaaS)

2022-06-01T00:56:09+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today for our 30th TomCast we are joined by John McGloughlin, owner and founder of GuardSight. Welcome, John! On this TomCast we are going to discuss Cybersecurity-as-a-service. John, let’s kick things off with some questions surrounding what a cybersecurity-as-a-service offers. [Listen to the full TomCast ...


TomCast XXIX: Penetration Testing

2022-06-01T00:41:55+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are joined by Nathan Coats, the Director of Cybersecurity Special Operations and Incident Response, to talk about penetration testing. Welcome, Nathan! [Listen to the full TomCast to hear the answers.] What is penetration testing? What makes it so useful? It seems like this ...


TomCast XXVIII: Tabletop Exercises

2022-05-17T03:16:57+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are diving into the topic of tabletop exercises. We will define for you what they are, why they are performed, when they should be performed, and who should be performing them. Ok, let’s jump in! WHAT IS A TABLETOP EXERCISE? WHY SHOULD TABLETOP ...


GSPBC-1050: Initial Access – Hardware Additions

2022-05-17T02:48:11+00:00

Hardware Additions

Adversaries may introduce computer accessories, networking hardware, or other computing devices into a system or network that can be used as a vector to gain access. Rather than just connecting and distributing payloads via removable storage (i.e. Replication Through Removable Media), more robust hardware additions can be used to introduce new functionalities and/or features into a system that can then be abused. While public references of usage by threat actors are scarce, many red ...


GSPBC-1049: Impact – Resource Hijacking

2022-05-04T02:26:36+00:00

Resource Hijacking

Adversaries may leverage the resources of co-opted systems in order to solve resource intensive problems, which may impact system and/or hosted service availability. One common purpose for Resource Hijacking is to validate transactions of cryptocurrency networks and earn virtual currency. Adversaries may consume enough system resources to negatively impact and/or cause affected machines to become unresponsive. Servers and cloud-based systems are common targets because of the high potential for available resources, but user endpoint ...
