This morning’s news rings loud – “Nearly all AT&T customers’ call and text records exposed in massive breach”. Fresh off the heels of an unrelated data leak on third-party platform Snowflake impacting 73 million current and former customers, AT&T is seeing immediate financial damage as shares fell 1% following today’s news.
In today’s fast-changing world […]
Your investment in cybersecurity tools—ranging from device protection to application security and cloud control—is significant. But do you have true visibility across your network and understand what is at risk?
For exposure management to be effective, it must be paired with robust analytics at the network level. The latest analyst report from Tag Infosphere outlines […]
In high-security environments like the DoD and the Intelligence Community, the System Security Plan (SSP) is critical for ensuring that systems handle sensitive national security data appropriately. It helps in achieving and maintaining the authorization to operate (ATO), which is mandatory for systems that process, store, or transmit classified information. The SSP ensures all stakeholders […]
The Authorization to Operate (ATO) is a critical component in the security architecture of the DoD and IC, ensuring that systems operate with a recognized and accepted level of risk. This process underscores the rigorous standards that these systems must meet to safeguard national security effectively. RedSeal can significantly assist system owners, Information System […]
The Cybersecurity Maturity Model Certification (CMMC) remains pivotal for defense contractors and entities handling Controlled Unclassified Information (CUI). A third-party assessment across five levels ensures enterprises security maturity, which is vital for safeguarding national interests. CMMC builds upon NIST SP 800-171 compliance, with 110 security controls established by SP 800-171 extending its scope and rigor.
[…]
IPv6 has its advantages
With the proliferation of connected devices, organizations everywhere are making the transition to Internet Protocol version 6 (IPv6). Beyond having astronomically more usable addresses than its IPv4 predecessor (2128 vs. 232), IPv6 has several other advantages, including:
Easier administration: IPv6 simplifies address configuration through Stateless Address Autoconfiguration (SLAAC) and DHCPv6 (Dynamic Host […]
As the digital age continues to see rapid change, cyber threat looms over businesses, organizations, and individuals even more than before. And, as technology advances, so do the capabilities of cybercriminals. With today’s digital environment, more than ever before, crafting a robust cybersecurity incident response plan isn’t a recommendation—it’s a critical necessity.
What does this […]
Staying proactive with vulnerability prioritization is essential for any organization to effectively manage and mitigate cybersecurity risks.
Here are some key steps and strategies to help you prioritize vulnerabilities proactively:
Identify assets that have not been scanned by a vulnerability management tracking tool. Identify the network devices and specific access rules preventing scanner access. […]
Using RedSeal for Cybersecurity and Compliance
A recent study by independent industry analysts at TAG Infosphere concluded that the exposure analytics capabilities of the RedSeal platform— specifically, network modeling, attack path analysis, risk prioritization, and compliance management— are well-suited to reduce risk and strengthen the security posture of complex hybrid networks.
[…]
CVE: CVE-2023-35708
Description:
Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted below in order to help protect your MOVEit Transfer environment. In Progress MOVEit […]