kkostreva@guardsight.com

About Katherine Kostreva

This author has not yet filled in any details.
So far Katherine Kostreva has created 165 blog entries.

Safeguarding the Cloud: Unraveling Vulnerabilities, Threats, and Solutions

2023-11-15T03:37:09+00:00

In the era of digital transformation, businesses are increasingly relying on cloud computing to enhance efficiency, flexibility, and scalability. However, as organizations migrate their sensitive data and critical applications to the cloud, the risk of security breaches becomes a paramount concern. This blog explores various types of cloud vulnerabilities and security threats that could lead to a cloud security breach, providing real-world examples and current solutions. (1) Data Breaches and Inadequate Access Controls: Vulnerability: ... Read More

Safeguarding the Cloud: Unraveling Vulnerabilities, Threats, and Solutions2023-11-15T03:37:09+00:00

TomCast LXVI: Training

2023-11-15T03:23:20+00:00

Hello, and welcome back to this next TomCast from GuardSight, an Iron Bow Technologies company; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we’re going to discuss training. A rather broad topic, but some ideas that should be thought about when approaching this topic within your various organizations and industries. How do you all approach training? Does your organization look at it ... Read More

TomCast LXVI: Training2023-11-15T03:23:20+00:00
GSPBC-1076 - Discovery - Group Policy Discovery

GSPBC-1076 Discovery – Group Policy Discovery

2023-11-15T02:52:25+00:00

Group Policy Discovery Adversaries may gather information on Group Policy settings to identify paths for privilege escalation, security measures applied within a domain, and to discover patterns in domain objects that can be manipulated or used to blend in the environment. Group Policy allows for centralized management of user and computer settings in Active Directory (AD). Group policy objects (GPOs) are containers for group policy settings made up of files stored within a predictable network ... Read More

GSPBC-1076 Discovery – Group Policy Discovery2023-11-15T02:52:25+00:00
GuardSight Partner Q&A | Reimagining Incident Response: Surefire Cyber’s Tech-Enabled Framework

GuardSight Partner Q&A | Reimagining Incident Response: Surefire Cyber’s Tech-Enabled Framework

2023-10-20T16:10:19+00:00

GuardSight partner Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities. Surefire Cyber provides clients confidence by helping them prepare, respond, and recover from cyber incidents—and to fortify their cyber resilience after an incident. Billy Gouveia, CEO and Founder of Surefire Cyber, weighs in on company solutions, trends in the education industry, and challenges faced by stakeholders: How does ... Read More

GuardSight Partner Q&A | Reimagining Incident Response: Surefire Cyber’s Tech-Enabled Framework2023-10-20T16:10:19+00:00
GSPBC-1074 - Reconnaissance - Search Open Websites_Domains

GSPBC-1075 Initial Access – Supply Chain Compromise

2023-10-20T14:48:15+00:00

Supply Chain Compromise Adversaries may manipulate products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise can take place at any stage of the supply chain including: Manipulation of development tools Manipulation of a development environment Manipulation of source code repositories (public or private) Manipulation of source code in open-source dependencies Manipulation of software update/distribution mechanisms Compromised/infected system images (multiple cases of removable ... Read More

GSPBC-1075 Initial Access – Supply Chain Compromise2023-10-20T14:48:15+00:00

TomCast LXV: Business Continuity

2023-10-17T00:36:10+00:00

Hello, and welcome back to this next TomCast from GuardSight, an Iron Bow Technologies company; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Ok, over the past couple of TomCasts we have discussed disaster recovery and business impact analysis. We’re going to tie these parts of organizational resilience together today with the business continuity plan. What is a business continuity plan? Well, just ... Read More

TomCast LXV: Business Continuity2023-10-17T00:36:10+00:00
Mastering Cybersecurity Compliance in a Dynamic Regulatory Environment

Mastering Cybersecurity Compliance in a Dynamic Regulatory Environment

2023-10-10T00:41:15+00:00

In an era marked by relentless technological advancements and increasingly sophisticated cyber threats, organizations face the daunting challenge of maintaining cybersecurity compliance. It is imperative for business leaders to understand how the landscape of cybersecurity regulations and compliance requirements is evolving rapidly. In this blog post, we delve into the intricacies of this dynamic landscape, providing advanced insights and strategies to help organizations navigate the changing terrain while bolstering their overall security posture. The ... Read More

Mastering Cybersecurity Compliance in a Dynamic Regulatory Environment2023-10-10T00:41:15+00:00
Securing Cloud-Native Environments: Advanced Strategies for Cloud Security

Securing Cloud-Native Environments: Advanced Strategies for Cloud Security

2023-10-10T00:35:03+00:00

In today's digital landscape, organizations are increasingly adopting cloud-native technologies to accelerate innovation and achieve greater agility. The shift to cloud-native environments, characterized by containerization, serverless computing, and microservices, has brought significant benefits. However, it has also introduced complex security challenges that require advanced strategies to protect sensitive data and applications. In this blog post, we will delve into the world of cloud-native security and explore advanced techniques and best practices for safeguarding your ... Read More

Securing Cloud-Native Environments: Advanced Strategies for Cloud Security