Entries by RedSeal

Analyst Report: Closing Cybersecurity Control Gaps with Network Exposure Analytics

Your investment in cybersecurity tools—ranging from device protection to application security and cloud control—is significant. But do you have true visibility across your network and understand what is at risk?

For exposure management to be effective, it must be paired with robust analytics at the network level. The latest analyst report from Tag Infosphere outlines […]

System Security Planning with RedSeal

In high-security environments like the DoD and the Intelligence Community, the System Security Plan (SSP) is critical for ensuring that systems handle sensitive national security data appropriately. It helps in achieving and maintaining the authorization to operate (ATO), which is mandatory for systems that process, store, or transmit classified information. The SSP ensures all stakeholders […]

Navigating the Authorization to Operate Process with RedSeal

The Authorization to Operate (ATO) is a critical component in the security architecture of the DoD and IC, ensuring that systems operate with a recognized and accepted level of risk. This process underscores the rigorous standards that these systems must meet to safeguard national security effectively. RedSeal can significantly assist system owners, Information System […]

Navigating DoD’s Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification (CMMC) remains pivotal for defense contractors and entities handling Controlled Unclassified Information (CUI). A third-party assessment across five levels ensures enterprises security maturity, which is vital for safeguarding national interests. CMMC builds upon NIST SP 800-171 compliance, with 110 security controls established by SP 800-171 extending its scope and rigor.

[…]

Keeping an Eye on IPv6 in Your Hybrid Network

IPv6 has its advantages

With the proliferation of connected devices, organizations everywhere are making the transition to Internet Protocol version 6 (IPv6). Beyond having astronomically more usable addresses than its IPv4 predecessor (2128 vs. 232), IPv6 has several other advantages, including:

Easier administration: IPv6 simplifies address configuration through Stateless Address Autoconfiguration (SLAAC) and DHCPv6 (Dynamic Host […]

Strengthening the Fortress: Best Practices for Incident Response

As the digital age continues to see rapid change, cyber threat looms over businesses, organizations, and individuals even more than before. And, as technology advances, so do the capabilities of cybercriminals. With today’s digital environment, more than ever before, crafting a robust cybersecurity incident response plan isn’t a recommendation—it’s a critical necessity.

What does this […]

Risk Prioritization: Improving Network Vulnerability Security Management

Staying proactive with vulnerability prioritization is essential for any organization to effectively manage and mitigate cybersecurity risks.

Here are some key steps and strategies to help you prioritize vulnerabilities proactively: 

Identify assets that have not been scanned by a vulnerability management tracking tool. Identify the network devices and specific access rules preventing scanner access. […]

Independent Assessment: TAG Infosphere

Using RedSeal for Cybersecurity and Compliance

A recent study by independent industry analysts at TAG Infosphere concluded that the exposure analytics capabilities of the RedSeal platform— specifically, network modeling, attack path analysis, risk prioritization, and compliance management— are well-suited to reduce risk and strengthen the security posture of complex hybrid networks.

[…]

Advisory Notice: MOVEit Transfer Critical Vulnerability

CVE: CVE-2023-35708

Description:

Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted below in order to help protect your MOVEit Transfer environment. In Progress MOVEit […]

Cyber Insurance Isn’t Enough Anymore

The cyber insurance world has changed dramatically. Premiums have risen significantly, and insurers are placing more limits on covered items. Industries like healthcare, retail, and government, where exposure is high, have been hit hard. Many organizations have seen huge rate increases for substantially less coverage than in the past. Others have seen their policies canceled or been unable to renew. With escalating activity and larger demands, cyber insurance is only likely to get more expensive and harder to get. Companies will also have to offer more proof about their security practices to be successful in filing claims or risk having claims denied.