A Zero Trust Network Architecture (ZTNA) POV with Appgate

We, at Avertium, sat down with Chris Scheels, VP of Product Marketing at Appgate, to get his take on Zero Trust, why it’s so hot right now, and how Appgate’s Software-Defined Perimeter (SDP) helps companies accelerate their journey to Zero Trust Network Architecture (ZTNA). What is Zero Trust? What is Appgate SDP and why is […]

July 4th Post Mortem on PrintNightmare and REvil

Cybersecurity is no longer a liberty or a privilege; it is a necessity. Over the course of 2021, there have been over 21,000 confirmed ransomware threats, and as technology continues to advance, so do the capabilities of those who wish to exploit software vulnerabilities to attack companies. The latest noteworthy exploit leveraged a vulnerability in […]

Attack Surface Management vs. Vulnerability Management

Welcome to Attack Surface Management. Over the years, vulnerability management (VM) was performed in conjunction with penetration testing, vulnerability scanning, and web app assessments. These were some of the key players in helping us understand which of our technology assets are susceptible to ransomware threats and identify where the vulnerabilities lie within our organization to […]

You’re Secure – But are Your Vendors? Assessing Third Party Risk

This post was guest-written in partnership with Avertium by Bob Maley, CSO at Black Kite. Foreword: Bob Maley on The Left / Right of Bang Approach. As Chief Security Officer at Black Kite, there’s a military concept that I regularly apply to cybersecurity and 3rd party risk. It’s called Left of Bang. In any military […]

Reducing Ransomware Risk in Healthcare

How much are you willing to pay to get your personal data back? How about hundreds and thousands of personal data records stored in your company? The impacts of the global pandemic have put the healthcare industry at the top of the list for ransomware threats. In fact, healthcare cyberattacks doubled in 2020, with 28% tied to ransomware. And the truth is, ransomware is […]

SolarWinds Orion Compromise Guidance

SolarWinds Orion Compromise. This threat report is about the SolarWinds Orion platform compromise and contains information pertinent to security operations teams that have the specific version of SolarWinds Orion deployed in their environment. SolarWinds Orion is a widely deployed IT management and monitoring platform used by IT organizations across many industries. The supply chain nature of […]

What Is Security Orchestration, Automation and Response (SOAR)?

Continuing with our Cybersecurity Awareness series, Avertium answers the question, “What is Security orchestration, automation and response (SOAR)?” and provides insight into three primary capabilities a SOAR implementation enables. What Is SOAR? SOAR is a process designed to automate and accelerate security operations, analytics and reporting. Research and advisory company Gartner was the first to […]

How to Leverage Your SIEM to Detect and Respond to Ransomware

According to the Ponemon Institute, only 20% of organizations are confident of their ability to deal with a ransomware attack. This may seem counterintuitive since the cost of a successful attack to an organization can be significant, but it exemplifies the challenges endemic to preventing, detecting and responding to the growing sophistication of ransomware threat actors. […]

EDR vs. MDR: Which Threat Detection is Right for You?

Today’s threat environment for enterprises and small businesses is expanding at a rate that makes keeping pace a challenge. Cybersecurity threats manifest today at higher volume, with greater diversity and more sophistication than ever before. Highlights from the 2020 Cost of a Data Breach Report, conducted by IBM in partnership with the Ponemon Institute, demonstrate […]

Using Application Whitelisting to Stop Malware

When Avertium’s CyberOps Center of Excellence analysts map the attacks we see against the MITRE ATT&CK framework, we find that the most common Initial Access technique used today is Phishing. Through the Phishing tactic, attackers will often attempt to execute malicious code on the victim machine through malicious links or attachments. Execution of this malicious […]