Major Mistakes Leading to SOC Burnout and How to Address Them. SOC Members battle with burnout, overload, and chaos. According to Ponemon Institute– “IT security personnel are approaching burnout as they spend increasingly more time on threat investigation while complexity and chaos, alert fatigue and workload grow.” To be more specific about the burnout to […]
CISOs Cybersecurity Budget Recommended Spending For 2021. Part 2.
CISOs Cybersecurity Budget Recommended Spending For 2021. Part 2 Read part 1 here, https://smsam.net/cisos-cybersecurity-budget-recommended-spending-for-2021-part-1/ Part 2. 1- Cybersecurity Asset Management (NOT IT Asset Management or CMDB).Cybersecurity asset management is NOT the same as IT Asset Management, see details here, https://sevcosecurity.com/continuous-security-asset-management-vs-itam-cmdb/ Now, it’s time CISOs get an ACCURATE and CONTINUOUS inventory of their device counts and other […]
Automated Pentration Testing: Embrace Proven Security and Compliant Cybersecurity Posture Validation Methodology
Automated Pentration Testing: Embrace Proven Security and Compliant Cybersecurity Posture Validation Methodology. Having a ONCE or TWICE a year penetration testing is NO longer an effective method to valid your cybersecurity posture. While manual penetration testing is still recommended, they should rather focused on specific scenarios, i.e red teaming. A Recommended Approach to Continious and […]
Introducing SMSAM’s Autonomous Penetration Testing Platform.
Introducing SMSAM’s Autonomous Penetration Testing Platform. Our autonomous penetration testing platform enables organisations to continuously assess the security posture of their enterprise, including external, identity, on-prem, IoT and cloud attack surfaces. 1- Agentless2-Painless3- Safe to run in production4- Continuous and comprehensive (100% coverage)5- No cheating, scripting, or humans. Additional information here, https://smsam.net/services/automated-penetration-testing-as-a-service/
Exclusive: Hackers tried to exploit two zero-days in Trend Micro’s Apex One EDR platform.
Why Proactive Active Directory Security Should Be Part of Organizations Cyber Defense Toolset. Recently, hackers tried to exploit two zero-days in Trend Micro’s Apex One EDR platform, see this https://therecord.media/hackers-tried-to-exploit-two-zero-days-in-trend-micros-apex-one-edr-platform/ . Now, these sort of attacks is one the core reason why Proactive and Unified Identity Stores security platform is a non-negotiable inclusion in organization’s cyber defense […]
Next-Gen SIEM For Next Gen SOC.
Looking for a new SIEM platform to build a STRESSLESS SOC? Read this , https://smsam.net/a-siem-that-works/
The Brutal Truth About Office 365 Security.
Let’s face it, with regards to Office 365 security, depending only on the default security offered by Microsoft (EOP / ATP) is to willfully sign up to be a victim of false sense of security . At your convenience, read this post to understand the most dangerous (and interesting) Microsoft 365 attacks, https://lnkd.in/dF5Gg2vv The Recommended Solution. […]