Alexey Laktionov

A few recent improvements by the team (🤘) to centrally collect and export forensic data from cloud resources like VMs and Containers, as well as on-premise systems: - Centrally store the evidence as .dd, .e01 or .zip - Download and export to your existing forensic tools - Download files from acquired systems, using “encrypted zip” for suspect files. -- Similar to VirusTotal Intelligence's Download File functionality for those who know it, but for your own data. All part of helping you build a central “Repeatable Investigation Process”

25

3 Comments

ISC2's CISSP: Is the Certification Broken? David Malachow interviews Ira Winkler on the Professional CISO Show, discussing Ira's open letter to ISC2 and its implications for CISSP certification. A must-watch for cybersecurity professionals! #ProfessionalCISO ['#ProfessionalCISO', '#Cybersecurity', '#CISSP', '#InfoSec', '#ISC2', '#CybersecurityPodcast', '#InformationSecurity', '#DataSecurity', '#ITSecurity', '#CyberRisk']

17

⚡ Cybersecurity threats are evolving fast! To stay ahead, organizations must embrace new security approaches involving fresh strategies, technologies, and a cloud-ready mindset. 🌐 Enter MITRE ATT&CK — the ultimate guide for security practitioners packed with invaluable insights into attacker techniques and behavior. Pretty handy, right? 💡 Sysdig's eBook show you how to identify and defend against common threats to #AWS environments using open-source Falco rules mapped to the ATT&CK framework. Boost your #AWScloud security and tackle any threat head-on by giving it a read today:

3

TOP MOST IMPORTANT FOR SECURITY ANALYST in 2024 by Cyber Security Clips ---------What is SOAR?----------- SOAR stands for Security Orchestration, Automation, and Response. It’s a tool or platform that automates security processes, orchestrates multiple security tools, and helps teams respond to incidents faster. Example: Imagine you have several tools (firewalls, antivirus, SIEM). SOAR acts like a conductor in an orchestra, making all these tools work together to detect and respond to security threats automatically. Suppose: A phishing email is detected. what SOAR do is, it automatically analyzes the email, quarantines it, blocks the sender, and alerts the security team, saving hours of manual work. Popular Companies: Splunk SOAR, IBM Resilient, Palo Alto Networks Cortex XSOAR. For more VISIT : https://lnkd.in/dajEYA4k #cybersecurity #linkedinpost #hr #splunk #ibm #paloaltonetworks #soar #jobs

2

Let me invite you to the next OWASP Suffolk meetup. It will be the first in-person event since 2020. The meeting will focus on networking and open discussion about security and 2025 plans. So come and join us. For more details, please follow the link below. #cybersecurity #infosec #appsec #owasp #suffolk

4

Power up ⚡ your vulnerability remediation cycle with the platform designed to zap 21st century headaches. We're talkin' saving time spent patching, automating your work, and getting back on CISA's good side. Here's how Vicarius helps: 🔹 See everything in one place: Forget siloed data and endless spreadsheets. Vicarius provides a single source of truth for all your vulnerability data. 🔹 Prioritise like a pro: Vicarius goes beyond just severity scoring. It uses real-time context to prioritise vulnerabilities that matter most to your organisation. 🔹 Patch smarter, not harder: Integrate patching for Windows, Linux, Mac, and third-party applications – all from the same platform. 🔹 Automate the mundane: Free yourself from repetitive tasks. Vicarius automates patching, threat mitigation, and even vulnerability scans. Try vRx today, risk-free, pain-free. (Seriously, why wait? ) #vulnerabilitymanagement #cybersecurity #CISA #automatedsecurity #patching

2

🚨 CISA Alert: Urgent Update Needed for Apache Flink Vulnerability A critical vulnerability (CVE-2020-17519) has been added to the CISA Known Exploited Vulnerabilities Catalog. Ensure your systems are secure by updating to the latest versions. 👇 Learn more: https://lnkd.in/e29Bx-Bj --- #TuxCare #linux #cybersecurity #opensource #technology #ransomware #linuxsecurity #software #hacking #devops #privacy

11

CMMC Level 2 Assessment Objective: Flaw Remediation for Controlled Unclassified Information (CUI) Data PRACTICE: Organizations must identify, report, and correct system flaws in a timely manner. ASSESSMENT: All software and firmware have potential flaws. Organizations must identify systems that are affected by announced software and firmware flaws, including potential vulnerabilities resulting from those flaws, and report this information to designated personnel with information security responsibilities. Security-relevant updates include patches, service packs, hot fixes, and antivirus signatures. Be prepared! Your assessor could ask to 🔍 EXAMINE system and information integrity policy. 🗣 INTERVIEW system or network administrators. 📝 TEST organizational processes for identifying, reporting, and correcting system flaws. (CMMC Assessment Guide: Level 2 Version 2.11, page 241) #CMMC #DoD #cybersecurity #NIST #InformationSecurity

55

Join us and GuidePoint Security at GPSec in Philadelphia to hear about upcoming trends in SaaS Security and how you can keep your SaaS stack secure 💪 Get ready to meet our team 👉 Kirra Rice Dustin Crossman Richard Snyder

2

🔒 Premium cybersecurity training – Are you ready to dive in? Our exclusive Into the Breach Workshop invites security engineers, analysts, and architects for an interactive simulation of a ransomware attack. 🕒 February 27, 2025, 1:00 - 6:30 PM 🏢 baseVISION Office, Olten With limited spots, register today and join other professionals for this free of charge deep dive! 👉 Click here to reserve your spot: https://lnkd.in/gikT2wgj #cybersecurity #Hacking

3

Don’t miss Uri Aronovici's talk at BSidesNYC this Saturday, October 19 at 11:30 AM ET. 🔗 More details on the talk here: https://lnkd.in/gsf28GbE What he'll cover: ☑ Analysis of vulnerabilities in providers ☑ Why we should care ☑ Possible attack flows  ☑ Best practices & mitigations

8

1 Comment

This could be the source of your "aha" moment with CMMC. Trust me when I say that there's a lot of FUD and myths in the marketplace, and there's a lot of sleight of hand being performed by people who really are not the experts they pretend to be in the CMMC echo system. Here's a few quick screening questions to ask. 1. Is CUI classified information? 2. Did DoD develop the requirements for protecting my sensitive information? 3. If I don't meet a particular control, I can always get an extension of up to a year to do so, correct? 4. Do I just have to meet 80% of the assessment objectives in each control to be certified? 5. Do I pass the assessment and receive a CMMC Level 2 certification if I meet 75% of the requirements? If you encounter hesitation on any of these questions by any company you're asking to help you comply with CMMC, I would suggest you keep looking. Better yet, go the NCMBC web site and pay the admission. It's $130 per person, and you get food, entertainment and fellowship with other managers and subject matter experts as you plot your journey through the CMMC echo system. Hope to see you there. It's an in person event at McKimmon Center of North Carolina State University. (https://lnkd.in/eitYSGUf, McKimmon Conference and Training Center at NC State University, 1101 Gorman St, Raleigh, NC 27606 (919) 515-2277). Registration link is in Laura's post.

1

🔒Cybersecurity Compliance Made Simple? Not quite. For many navigating NIST SP 800-53, it’s a complex but essential journey. Compliance isn’t just a checkbox—it’s a commitment to security. Let’s explore the top challenges and practical ways to address them. 👇 𝗧𝗼𝗽 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 Achieving compliance with **NIST SP 800-53** is critical for organizations working with government systems. However, many face hurdles that complicate the process, leading to delays and frustration. Here are the top three challenges—and actionable strategies to overcome them. 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 𝟭: 𝗨𝗻𝗱𝗲𝗿𝘀𝘁𝗮𝗻𝗱𝗶𝗻𝗴 𝘁𝗵𝗲 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸’𝘀 𝗖𝗼𝗺𝗽𝗹𝗲𝘅𝗶𝘁𝘆 NIST SP 800-53 outlines hundreds of controls across categories like Risk Assessment and Access Control. Its technical language can overwhelm teams trying to implement them effectively. 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀: - Simplify**: Tackle one control family at a time. - Bring in Experts**: Work with consultants experienced in federal compliance. - Use Tools**: Automate mapping controls to existing processes for efficiency. 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 𝟮: 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗻𝗴 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗶𝗻𝘁𝗼 𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝘀 Compliance is often treated as a “bolt-on” after development, leading to costly rework and inefficiencies. 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀: - Start Early**: Embed compliance into the development process. - Collaborate**: Form cross-functional teams with developers, security, and compliance experts. - Adopt DevSecOps**: Integrate compliance into development pipelines for ongoing alignment. 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲 𝟯: 𝗞𝗲𝗲𝗽𝗶𝗻𝗴 𝗨𝗽 𝘄𝗶𝘁𝗵 𝗖𝗵𝗮𝗻𝗴𝗶𝗻𝗴 𝗦𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀 NIST SP 800-53 evolves with emerging threats. Revision 5, for example, emphasizes supply chain risk and privacy controls, challenging organizations to adapt quickly. 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀: - Stay Updated: Regularly review updates from [NIST.gov](https://www.nist.gov). - Train Continuously: Equip teams to understand revisions and implement changes effectively. - Perform Audits: Regularly assess compliance gaps and address them proactively. 𝗪𝗵𝘆 𝗧𝗵𝗶𝘀 𝗠𝗮𝘁𝘁𝗲𝗿𝘀 Non-compliance isn’t just about penalties—it’s about protecting critical systems and data. Organizations that prioritize compliance also position themselves as trusted partners in the federal space, enhancing security and reliability. 𝗬𝗼𝘂𝗿 𝗡𝗲𝘅𝘁 𝗦𝘁𝗲𝗽𝘀 At Steel Rail Security, we help organizations navigate these challenges with tailored guidance. Whether it’s gap analyses, strategy development, or full compliance support, we’ve got you covered. What’s your biggest challenge with NIST SP 800-53 compliance? 👇Share your thoughts below or reach out to start simplifying your journey to compliance. 🔑 Let’s build a more secure future—together.

1

Threat Analysts - fed up of waiting for critical insights? See how fast Kyle Contorno, our Scout Product Manager, can gain context on an IP address in seconds: https://lnkd.in/eG9eDaNZ If you’re a SOC Analysts or Threat Researcher and want to go faster, get in touch! #threatresearch #SOC #threathunting

18

2 Comments

Our latest article dives into the specific penetration testing mandates under the #NYDFS Cybersecurity Regulation known as 23 NYCRR 500. We explain what’s required, recent regulatory updates, and how to effectively integrate these requirements into your cybersecurity program to maintain compliance.Get the insights you need—read the full article on our website. #CyberSecurity #Compliance #NYDFS #PenetrationTesting #FinancialServices

4

Cyber Threat Investigation 🕵 Quickly understand scope and uncover root cause with targeted forensic-level evidence collection and analysis, delivering prioritized insights across hundreds of assets. Gain clarity fast to inform precise response, remediation, and confident recovery with Binalyze - Automated Investigation and Response (AIR) ==

6

1 Comment