PRACTICAL CYBERSECURITY: CISOs MUST SET UP THEIR PURPLE TEAM. Red and blue teaming are well-established concepts in information security, but recent years have given rise to a more collaborative approach – purple teaming. To defend against rapidly evolving cyber threats, businesses need to continually adapt and innovate. This means that red and blue teams must […]
PRACTICAL CYBERSECURITY: Why Your Organization Should Consider Setting Up Its Own Purple Team.
Typically, the Red Team’s job is to embarrass the Blue Team. The Red Team shows up with a bit of swagger, conducts reconnaissance like an attacker, and finds a path in. At the end, they publish a report that points out the ugliness of your […]
JUST IN: 2022 Cybersecurity Toolset For CIOs, CISOs, InfoSec & Risk Practitioners.
A security program without the RIGHT MIX of security tools is the surest pathway to ending up in the media for the wrong reason: HACKED! Yeah, security tools can’t and won’t solve ALL the cyber-related issues. However, the right mix of tools (seamless […]
Mitigating MFA Bypass Methods Used By Hackers, Pen Testers and Malicious Insiders.
Folks, I’d like to share a thought on how organizations can optimize their current investment in the MFA solution they have implemented. So, when PROPERLY implemented across the hybrid IT infrastructure (on-premises and cloud), an MFA solution has the capacity and capability to PREVENT 99% of credentials-based […]
CISOs Cybersecurity Budget Recommended Spending For 2021. Part 2.
Read part 1 here: https://smsam.net/cisos-cybersecurity-budget-recommended-spending-for-2021-part-1/
Part 2. 1- Cybersecurity Asset Management (NOT IT Asset Management or CMDB). Cybersecurity asset management is NOT the same as IT Asset Management; see details here: https://sevcosecurity.com/continuous-security-asset-management-vs-itam-cmdb/
Now, it’s time CISOs get an ACCURATE and CONTINUOUS inventory of their device counts and other […]
CISOs Cybersecurity Budget Recommended Spending For 2021. Part 1.
As someone saddled with the security of your organization’s information assets (customer data and intellectual property, amongst others), it’s expedient to strategically plan your cyber defense tools spending for the new year, 2021. Aside from the process and people factors, getting the right mix of tools that deploy […]
Practical Solution To Preventing Credentials Attacks In Organizations.
If your organization is interested in securing its entire set of Active Directory credentials (not just privileged credentials), then read on. Note: attackers don’t have to “hack in”; they log in. 80% of cyber-attacks do NOT involve CVEs; rather, attackers combine harvested enterprise credentials with misconfigurations and dangerous product defaults. Criminals […]
Supercharge Your SOC With a SIEM That Actually Works!
The attached image depicts some of the capabilities of an advanced SIEM platform (delivering automated threat detection and response), with natively built-in (not add-on) sophisticated AI/ML and Dynamic Threat Modeling algorithms requiring NO rules whatsoever! Natively integrated siloed solutions such as UEBA, SOAR, […]
SMSAM’S AUTOMATED PENETRATION TESTING SERVICE.
Our offering is powered by an insanely sophisticated AI automated pen testing service that uses a mix of industry-standard and proprietary attack techniques to discover and validate exploitable vulnerabilities within the target network. Continuous pen testing helps network administrators address key security questions about their environment:
• Are my “crown jewels” […]
Automated Penetration Testing: Embrace Proven Security and Compliant Cybersecurity Posture Validation Methodology
Having penetration testing done ONCE or TWICE a year is NO longer an effective method to validate your cybersecurity posture. While manual penetration testing is still recommended, it should rather be focused on specific scenarios, i.e. red teaming. A Recommended Approach to Continuous and […]