The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2
In this blog, Jake Williams, Founder of Rendition InfoSec, shares his guidance and best practices on how to structure and evolve red and blue teams.
The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in affected infrastructure, but many of the tactics, techniques, and procedures (TTPs) were individually ordinary.
The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT leaders everywhere turned to Zero Trust approaches to alleviate the challenges of enabling and securing remote work.
This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
In this blog, Jake Williams, Founder of Rendition InfoSec, shares his insights on the 2020 threat landscape—who to watch for and why—and how to think about red and blue teaming within your organization.
Customers across the globe are asking for guidance on recovering their infrastructure after being impacted by Solorigate. DART walks you through remediation steps as well as some longer term mitigations.
These past six months have been a remarkable time of transformation for many IT organizations. With the forced shift to remote work, IT professionals have had to act quickly to ensure people continue working productively from home—in some cases bringing entire organizations online over a weekend.
Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must consider the vulnerabilities of the cyberthreat landscape.
Security teams are struggling to reduce the time to detect and respond due to the complexity and volume of alerts being generated from multiple security technologies.
An essential requirement of being a Chief Information Security Officer (CISO) is stakeholder management. In many organizations, security is still seen as a support function, meaning any share of the budget you receive may be viewed jealously by other departments.
All risks have to be viewed through the lens of the business or organization. While information on cybersecurity risks is plentiful, you can’t prioritize or manage any risk until the impact (and likelihood) to your organization is understood and quantified.
Attacks on virtual machines from the internet are one of the things that our Detection and Response Team (DART) and Customer Service and Support (CSS) security teams see frequently during investigation of customer incidents. This is one area in the cloud security shared responsibility model where customer tenants are responsible for security.