Introduction This post is a follow up to https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might […] The post Cisco IOS XE CVE-2023-20198: Deep Dive and…
Tag: Security Boulevard
Agent vs. Agentless: A New Approach to Insider Risk Monitoring
A question our customers commonly ask is whether our InTERCEPT insider risk management platform is agent-based or agentless. The short answer is: “A bit of both, but better.” Technically speaking, InTERCEPT is an agent for the sheer fact that our…
What makes Web Applications Vulnerable?
Virtual programs are now an essential component of our daily lives. Web applications are now essential tools for both individuals and organizations. From online shopping to social media and banking, we depend on internet apps for convenience and accessibility. However,…
Simplify User Access with Federated Identity Management
Discover the power of federated identity management for seamless SSO and enhanced user access. Improve security and streamline authentication The post Simplify User Access with Federated Identity Management appeared first on Security Boulevard. This article has been indexed from Security…
What is a Cloud Workload Protection Platform ? (CWPP)
Diving into the Depths of Cloud Workload Defense Framework (CWDF) Mysteries Setting out to understand cloud security, one frequently encounters the term – Cloud Workload Defense Framework (CWDF). What exact role does CWDF play? Let’s decode this riddle. At its…
Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’
A new tier of overlapping, interoperable, highly automated security platforms must, over the next decade, replace the legacy, on-premise systems that enterprises spent multiple kings’ fortunes building up over the past 25 years. Related: How ‘XDR’ defeats silos Now along…
Lateral Movement: Abuse the Power of DCOM Excel Application
In this post, we will talk about an interesting lateral movement technique called ActivateMicrosoftApp() method within the distributed component object model (DCOM) Excel application. This technique is built upon Matt Nelson’s initial research on “Lateral Movement using Excel.Application and DCOM”. What…
SternX Resources to Assist Businesses with Insider Threat Risk Assessment
Insider threats pose serious risk. SternX provides leading technology and expertise to help businesses implement insider threat risk assessment programs, assess vulnerabilities, monitor for risks, and build robust defenses. The post SternX Resources to Assist Businesses with Insider Threat Risk…
A Complete Guide to NIST Compliance: Navigating the Cybersecurity Framework, NIST 800-53, and NIST 800-171
Cybersecurity has become one of the most pressing threats that an organization can face, where poor cybersecurity can lead to operational disruptions, regulatory enforcement, lost sales, a tarnished corporate reputation, and much other trouble. Management teams know this, of course,…
Accelerating FedRAMP ATOs: OMB Memo
The Office of Management and Budget (OMB) released a Draft Memorandum for Modernizing the Federal Risk and Authorization Management Program (FedRAMP) on Friday, Oct 27, 2023. FedRAMP was codified in 2022 when Congress passed the FedRAMP Authorization Act (“Act”). The…