Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level actors crafting attacks or cleverly disguised malware most often it’s a result of a simple account misconfiguration. From there, attackers can escalate through a series of small vulnerabilities that when chained together result in a potentially catastrophic data breach. If you’re a security professional it…

Serious data leaks are increasingly prevalent in the news. We mostly hear about the immediate impact of those leaks and the steps taken to fix them, but how much do we actually know about how companies find and prevent these leaks? A lot of companies require employees to sign non-disclosure agreements (NDAs) to legally hold leakers accountable, but this isn’t the most effective method to prevent leaks. Major corporations like Google and Apple also take…

Any security practitioner that has had to perform forensic analysis on a cybersecurity incident likely describes the process as “searching for a needle in a stack of needles.” Even Tony Stark’s magnet isn’t going to help. Anyone who has used a SIEM or any other monitoring system to figure out how gigabytes of data was stolen knows how difficult that task can be. Varonis leverages Solr to optimize and streamline the process of analyzing data…

We take well over a trillion photographs a year, upload hundreds of hours of video a minute, and commit search queries tens of thousands of times per second. The sheer amount of data that companies save is staggering and growing exponentially year-over-year. Social media giants, web infrastructure providers and other large companies around the world manage data at dizzying scales. Not only do these corporations handle a lot of data — they handle important and…

While the cost of a cyber attack is often discussed, we seldom hear about just how common these attacks actually are. Numerous security experts believe that a cyber attack or breach of catastrophic proportions is no longer a matter of if, but a matter of when. According to the World Economic Forum’s 2018 Global Risks Report, the top three risks to global stability over the next five years are natural disasters, extreme weather and cyber…

In order to protect your sensitive data, you have to know what it is and where it lives. Data classification is the process of analyzing structured or unstructured data and organizing it into categories based on the file type and contents. Data classification is a process of searching files for specific strings of data, like if you wanted to find all references to “Szechuan Sauce” on your network. Or if you needed to know where…

The cybersecurity landscape is constantly evolving. New security threats pop up daily, and threat actors can be an employee in the next cubicle or a blackhat hacker in a coffee shop in Bangkok. Additionally, cybersecurity has real-world implications that reach far beyond the boardroom — everything from Internet-connected teddy bears to the stability of world governments is impacted by cyber. As such, it’s more important than ever that everyone in your organization is up to…