Articles by Andy Green

Sysmon Threat Analysis Guide

Over the course of my pen testing experiments for the IOS blog, I’ll often “go to the video” — that is, take a peek into the Windows Event logs —...

Beyond Privacy and DSARs: Public Data Requests (FOI) Are the Law in 50 States

Happy 2020! The New Year brings Californians under the California Consumer Privacy Act (CCPA). CA consumers can ask state-based companies for all relevant data, and to request that companies delete...

Complete Guide to Privacy Laws in the US

Contrary to conventional wisdom, the US does indeed have data privacy laws. True, there isn’t a central federal-level privacy law, like the EU’s GDPR. There are instead several vertically-focused...

Insider Threats: Living With WMI Permanent Events

At the end of the previous post in this series, I suggested WMI permanent events, though somewhat complicated, are a more effective way for insiders to conduct surveillance on their...

Active Directory Has a Privacy Problem

Back when I was pen testing with the wonderful PowerView, I was using it to pull user information from Active Directory. At the time I was more interested in gathering...

What is DNS Tunneling? A Detection Guide

DNS tunneling turns DNS, the Domain Name System, into a hacking weapon. As we know, DNS is a giant White Pages or phone directory for the Internet. DNS also has...

What the H**L Does Reasonable Data Security Really Mean?

If you’ve spent time looking at data security laws and regulations, you can’t help but come across the words “reasonable security”, or its close cousin “appropriate security”. You can...

California Consumer Privacy Act (CCPA) Compliance Guide

The California Consumer Privacy Act (CCPA) is “the first consumer privacy act in the country,” as one California legislator put it. No other US state has provided its citizens with GDPR-like...

Insider Threats: Hard Lessons From WMI Eventing and Surveillance

Last time, we explored how a hypothetical insider could use the Windows Management Interface (WMI) and its eventing system to surveil other employees. No, I’m not the first person to...

A Practical Software Approach to Insider Threats

Insider data theft presents multiple challenges for traditional IT security. Insiders are employees who, unlike hackers, are entitled to be in the network. Standard perimeter security measures won’t work. But...
