Blog
An IBM i Hacking Tale
By Pablo Zurro on Thu, 04/06/2023
Discover how penetration testing can be used on IBM i systems to find hidden vulnerabilities in your security. This post breaks down Core Impact's IBM i pen testing process from discovery to privilege escalation.
Blog
Preparing for the Impact of PCI DSS 4.0
Thu, 11/10/2022
Stealing credit card data is a perennial favorite of cybercriminals everywhere, whose aggressive tactics to score sensitive accountholder details result in breach after breach for organizations small and large. In its most recent research on payment card fraud, The Nilson Report found $28.6 billion in losses for 2020 (nearly 36% in the U.S. alone),...
Blog
What is a Vulnerability Management Program?
Mon, 07/25/2022
The Equifax breach was caused by a vulnerability. The WannaCry virus exploited a vulnerability. The stories don’t seem to end but it seems like no one is talking about how to solve this problem which is: start a vulnerability management program.
“Manage the vulnerabilities in my network? Sounds easy” well, not so much, but not so difficult that you shouldn’t be spending time and resources on it....
Blog
6 Ways to Defend Yourself Against Password Attacks
Thu, 07/14/2022
Ever since Ali Baba uttered “open sesame,” thieves have been using stolen passwords to access hidden riches. In the digital world, password attacks have been and continue to be a common way for threat actors to gain access to an organization’s treasure trove of data. No matter how many emails we get from IT explaining what makes a good password, many of us still use the same basic password in...
Blog
Penetration Testing Frequency: How Often Should You Test?
Fri, 06/24/2022
Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture. Many businesses want to stay proactive about securing their IT environment and find that pen testing helps them stay compliant and prove adherence to regulations or industry best practices. According to the...
Blog
Solutions for Vulnerability Management
Fri, 04/22/2022
This guest blog from Dr. Edward Amoroso, Tag Cyber provides a high-level overview of modern advances in vulnerability management and how the Fortra cybersecurity portfolio supports this important method for addressing exploitable weaknesses in an enterprise.
Blog
The Evolution and Advancement of Penetration Testing Under Covid-19
Fri, 05/21/2021
Brian Wenngatz, general manager at Core Security, a Fortra company, discusses the advancement of penetration testing during Covid-19.
Blog
Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time
Mon, 08/31/2020
Part 2 of the Improving Your Security-Efficiency Balance Series:
One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...
Blog
The Evolution of Cybersecurity Solutions for Organizations
Tue, 08/11/2020
In the early days of the internet, cybersecurity was fairly straightforward, with all solutions and strategies geared toward prevention. While prevention remains critical, cybersecurity has also had to evolve, with businesses layering their defenses and regularly evaluating the status of their safeguards to adapt to change—whether those be organizational or within the wider cybersecurity sphere.
Blog
Open Source SIEM vs. Enterprise-Level SIEM: Which Is Right for You?
Thu, 07/16/2020
Open source and enterprise-level SIEM solutions all have pros and cons. Here are some factors to look at when comparing your options—including one you might not have considered yet.
Blog
Four Network Security Challenges for Organizations with a Remote Workforce
By Bob Erdman on Wed, 03/25/2020
Blog
Three Lessons Learned from A Data Breach
By Bob Erdman on Mon, 02/24/2020
Simple lessons learned from the many breaches we’ve observed, like careless employees and unusual attack vectors, and ways they can be avoided.
Blog
What Is SIEM?
Fri, 12/20/2019
SIEM (security information and event management) software provides insights into potential security threats through data normalization and threat prioritization, giving IT professionals an effective method of automating processes and centralizing security management in a way that helps them simplify the difficult task of protecting sensitive data.
Blog
Monitoring Application Security with SIEM
By Bob Erdman on Wed, 11/27/2019
Learn about the large variety of information a SIEM can consolidate, becoming your organization’s primary security monitoring tool.
Blog
You Can’t Protect What You Can’t See: Improving Cybersecurity with Monitoring Solutions
By Bob Erdman on Mon, 10/07/2019
Find out how SIEMs with threat escalation, centralization, diverse integrations, and collaboration with network monitoring tools can help clear the line of sight.
Blog
Navigating Toward a Password-Free Future with Privileged Access Management
By Bob Erdman on Fri, 09/13/2019
Discover how you can move toward a password-free future with privileged access management (PAM) solutions and adopt a more secure standard for authentication in your organization.
Blog
Silencing the Bells: How a SIEM Can Prevent Alert Fatigue
By Bob Erdman on Tue, 07/30/2019
Find out how Security Information and Event Management (SIEM) solutions can streamline security and prevent alert fatigue.