Category Archives: Data Security

Varonis Gets Lightning Fast with Solr

Varonis Gets Lightning Fast with Solr

Any security practitioner that has had to perform forensic analysis on a cybersecurity incident likely describes the process as “searching for a needle in a stack of needles.” Even Tony Stark’s magnet isn’t going to help. Anyone who has used a SIEM or any other monitoring system to figure out how gigabytes of data was stolen knows how difficult that task can be. Varonis leverages Solr to optimize and streamline the process of analyzing data…

What is Mimikatz: The Beginner’s Guide

what is mimikatz hero

Benjamin Delpy originally created Mimikatz as a proof of concept to show Microsoft that their authentication protocols were vulnerable to attack. Instead, he inadvertently created one of the most widely used and downloaded hacker tools of the past 20 years. Rendition Infosec’s Jake Williams said, “Mimikatz has done more to advance security than than any other tool I can think of.” If you’re tasked with protecting Windows networks, it’s essential to keep up with the…

What is an Active Directory Forest?

What is an Active Directory Forest?

An Active Directory forest (AD forest) is the top most logical container in an Active Directory configuration that contains domains, users, computers, and group policies. “But wait?” you say. “I thought Active Directory was just one domain?” A single Active Directory configuration can contain more than one domain, and we call the tier above domain the AD forest. Under each domain, you can have several trees, and it can be tough to see the forest…

What Would The World’s Data Look Like if it Were Physical?

if worlds data were physical

We take well over a trillion photographs a year, upload hundreds of hours of video a minute, and commit search queries tens of thousands of times per second. The sheer amount of data that companies save is staggering and growing exponentially year-over-year. Social media giants, web infrastructure providers and other large companies around the world manage data at dizzying scales. Not only do these corporations handle a lot of data — they handle important and…

The Likelihood of a Cyber Attack Compared

blue and red scale

While the cost of a cyber attack is often discussed, we seldom hear about just how common these attacks actually are. Numerous security experts believe that a cyber attack or breach of catastrophic proportions is no longer a matter of if, but a matter of when. According to the World Economic Forum’s 2018 Global Risks Report, the top three risks to global stability over the next five years are natural disasters, extreme weather and cyber…

What is Data Classification? Guidelines and Process

data classification title

In order to protect your sensitive data, you have to know what it is and where it lives. Data classification is the process of analyzing structured or unstructured data and organizing it into categories based on the file type and contents. Data classification is a process of searching files for specific strings of data, like if you wanted to find all references to “Szechuan Sauce” on your network. Or if you needed to know where…

12 TED Talks That Will Change the Way You Look at Business Cybersecurity

cybersecurity TED talks

The cybersecurity landscape is constantly evolving. New security threats pop up daily, and threat actors can be an employee in the next cubicle or a blackhat hacker in a coffee shop in Bangkok. Additionally, cybersecurity has real-world implications that reach far beyond the boardroom — everything from Internet-connected teddy bears to the stability of world governments is impacted by cyber. As such, it’s more important than ever that everyone in your organization is up to…

Windows PowerShell vs. CMD: What’s The Difference?

powershell vs cmd hero

Back in the day, booting the then-cutting-edge IBM 8086 from the floppy brought you to a green text screen with a cursor blinking at the familiar C:\> prompt. Hacking boot.ini and config.sys to get my games to run was my first introduction to programming. Eventually that C:\> got replaced with a pretty GUI and boot from hard disk. That command prompt (CMD) still lived on for decades. Only recently did CMD get an upgrade, or…

Zero-Day Vulnerability Explained

Zero-Day Vulnerability Explained

A zero-day vulnerability is a software bug or exploit that hasn’t been patched. It’s like a hole in the bottom of your shoe that you haven’t noticed yet, but a curly-mustachioed villain has found it and is considering putting rusty nails on your gas pedal. Hackers can use these bugs and exploits to steal your data before you’re able to find and patch the weakness. Vulnerabilities allow attackers to slip past your defenses and into…

California Consumer Privacy Act (CCPA) vs. GDPR

California Consumer Privacy Act (CCPA) vs. GDPR

Data privacy laws are fast becoming a primary element in any data security conversation: from the EU’s GDPR to the California Consumer Privacy Act to Japan’s Act on the Protection of Personal Information, the ability to protect consumer data is top of mind. For companies that are built around consumer data, consumer trust becomes a vital part of their business model. On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect.…

IDS vs. IPS: What is the Difference?

ids vs ips

Intrusion Detection Systems (IDS) analyze network traffic for signatures that match known cyberattacks. Intrusion Prevention Systems (IPS) also analyzes packets, but can also stop the packet from being delivered based on what kind of attacks it detects — helping stop the attack. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are both parts of the network infrastructure. IDS/IPS compare network packets to a cyberthreat database containing known signatures of cyberattacks — and flag any…