Cyber threat intelligence explained
The cybersecurity industry is increasingly producing enormous amounts of raw threat data. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data in a timely manner. This in turn limits their ability to understand what data is valid and useful and whether threat artifacts will result in legitimate threat indicators. …
Cybersecurity risk management explained
This blog was written by a third party author What is cybersecurity risk management? Cybersecurity risk management is the practice of prioritizing cybersecurity defensive measures based on the potential adverse impact of the threats they're designed to address. Establishing a risk management approach to cybersecurity investment acknowledges that no organization can completely eliminate every system vulnerability or block every…
Get the latest
security news
in your inbox.
RSS
Don’t call it a SIEM – How USM Anywhere does threat detection and response differently
Security Information and Event Management (SIEM) solutions have been the foundation of enterprises’ security operations and threat detection & response. Even though USM Anywhere has many key SIEM features, it is much more than a SIEM. Why? To perform threat detection, SIEMs and purpose-built threat consoles collect data from security devices. These include network firewalls, endpoint devices, …
How to secure Syslog with USM Anywhere
One of the requests we often get is how to securely forward logs to the USM sensor. To forward logs securely, the one component that is required is an SSL certificate. By default, USM has a self-signed certificate that will allow sending secure logs over port 6514. Some platforms, such as Palo Alto Networks, require publicly signed certificates by default. In…
Combat mobile phishing attacks targeting Financial Services with AI
Phishing attacks are a common attack vector for financial services organizations. Effective and simple to launch, phishing attacks challenge financial firms to protect their mobile workforce and harden their customer-facing apps. Mobile phishing, in particular, bypasses traditional perimeter defenses such as secure email gateways by targeting users via personal email, SMS and social messaging apps. These attacks typically seek to…
Stories from the SOC: Compromised account detected
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive Summary The Managed Threat Detection and Response (MTDR) analyst team was notified of multiple logins from different countries. With the shift to a…
Managed security services explained: what is an MSSP?
This blog was written by a third party author A managed security service provider (MSSP) is an IT service provider that focuses on delivering outsourced cybersecurity monitoring and management services to organizations. Different than a Managed IT Services Provider (MSP) that focuses on managing, maintaining, and servicing an organizations IT environment, MSSPs concern themselves with the continuous state of their…
Digital signatures security explained
This blog was written by an independent guest blogger. Digital signatures have been around for decades, but recent events have put them back in the spotlight. They were heralded as the future of cybersecurity as far back as 1999, but in the intervening years came to be somewhat taken for granted by security engineers. Not any longer: the massive move to…
Secure remote access explained
This blog was written by a third party author As the business world adjusts to the chaotic landscape of today’s economy, securing access from remote devices and endpoints has never been more critical. Equally critical is the requirement for organizations and their employees to practice good security hygiene. With the rising number of endpoints (laptops, servers, tablets, smartphones)…
Finding problems that matter
This blog was jointly authored with Ed Amoroso. See their previous blog for more! Towards the end of the 19th century, large cities like New York were facing a vexing problem so devastating that many questioned whether such cities could be sustained at all. People could no longer cross the street without assistance, stumbling was a common problem, disease…
In hard times, solve big problems and do your best work
This blog was jointly authored with Ed Amoroso. There’s something eerily familiar about the COVID-19 pandemic for us in the technology world. It’s not the striking similarity to the Hollywood “end-of-the-world” movies we have all seen. No, it’s more about the fear and uncertainty that accompanies an economic downturn—the feeling…
3 Steps to better cybersecurity in touchless business solutions (Part 3 of 3)
This blog was written by an independent guest blogger Image Source In Part 1 and Part 2 of this series, we covered the first two steps to better cybersecurity in touchless business solutions, which is to practice extra caution in cashless payment solutions, and to heighten cybersecurity and data protection protocols. We conclude this series by discussing the third step…
