HackDig : Dig high-quality web security articles

Why Security Configuration Management (SCM) Matters

In the Godfather Part II, Michael Corleone says, “There are many things my father taught me here in this room. He taught me: keep your friends close, but your enemies closer.” This lesson Vito Corleone taught his son Michael is just as applicable to IT security configuration management (SCM).Faster breach detectionToday’s cyber threat landscape is extremely
Publish At:2022-07-04 06:20 | Read:432 | Comments:0 | Tags:Featured Articles Security Configuration Management Infosec


span class="entry-content post-content">El cambio es prolífico en los entornos de TI de las organizaciones. Los activos de hardware cambian. Los programas de software cambian. Los estados de configuración cambian. Algunas de estas modificaciones están autorizadas en la medida en que se producen durante el ciclo regular de aplicación de parches de una organiz
Publish At:2022-03-24 06:03 | Read:926 | Comments:0 | Tags:Featured Articles File Integrity Monitoring File Integrity M

User Created Content with Tripwire Configuration Manager

Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and third-party SaaS policies, providing multiple new use cases for data gathering and expanding policy compliance support into new services. T
Publish At:2022-02-07 02:06 | Read:2436 | Comments:0 | Tags:Featured Articles Security Configuration Management Policy M

Secure Your Configurations with Tripwire’s Configuration Manager

As cybersecurity professionals, we are always impressing the importance of patch management as one of the best ways to protect systems against vulnerabilities. Sometimes, the vulnerabilities are never fully exploited. Regardless of the threat possibility, patching is one of the easiest ways to ensure the minimum level of security in an organization. The best
Publish At:2021-11-23 02:04 | Read:2928 | Comments:0 | Tags:Security Configuration Management Security Controls configur

CIS Control 4: Secure Configuration of Enterprise Assets and Software

Key Takeaways for Control 4Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any baselines to becom
Publish At:2021-09-16 00:39 | Read:1842 | Comments:0 | Tags:Security Controls assets cis controls configuration Enterpri

What Is SCM (Security Configuration Management)?

The coronavirus 2019 (COVID-19) pandemic shifted the cybersecurity landscape. According to a PR Newswire release, the FBI tracked as many as 4,000 digital attack attempts a day during the pandemic. That’s 400% more than what it was prior to the pandemic. In response to these attacks, 70% of CISOs told McKinsey that they believed their security budgets would
Publish At:2020-11-16 08:26 | Read:3255 | Comments:0 | Tags:Featured Articles Security Configuration Management Security

Stop Wasting Your Time and Money with a “Checkbox” SCM Solution

By now, we know a lot about secure configuration management (SCM). We know the way it works, the integral processes of which it consists, the areas of your IT infrastructure that it can help secure as well as the different types of best practice frameworks and regulatory compliance standards with which it can help you to maintain compliance. All we’re missin
Publish At:2020-09-30 12:20 | Read:2069 | Comments:0 | Tags:Featured Articles Security Configuration Management audit Co

SCM: Understanding Its Place in Your Organization’s Digital Security Strategy

Digital attackers can compromise a system in a matter of minutes. But it generally takes organizations much longer to figure out that anything has happened. In its 2020 Data Breach Investigations Report (DBIR), for instance, Verizon Enterprise found that more than half of large organizations took days or even months to detect a security incident. Such dwell
Publish At:2020-08-16 23:10 | Read:3688 | Comments:0 | Tags:Featured Articles Security Configuration Management FIM SCM

What is Configuration Drift?

In a previous post by my colleague Irfahn Khimji, he spoke about how ensuring devices on your network is a great way to minimize the attack surface of your infrastructure. Organizations like the Center for Internet Security (CIS) provide guidelines on how to best configure operating systems to minimize the attack surface. The CIS calls these “benchmarks.”Man
Publish At:2020-05-03 08:07 | Read:2095 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Security C

SCM: Reducing Security Risk via Assessment and Continuous Monitoring

As I discussed in a previous blog post, a key security control known as file integrity monitoring (FIM) helps organizations defend against digital threats by monitoring for unauthorized changes to their system state. But that’s only half the battle. A change could be authorized but still create new security risk. Organizations need to watch for these t
Publish At:2017-03-23 16:10 | Read:6474 | Comments:0 | Tags:Featured Articles Security Configuration Management complian

Understand and Managing Change: Why We Shouldn’t Rely on the Human Element

At some point in our lives, we have all experienced a time when we had something break, quit working, or at the very least not work the way we expected. After exhausting our personal skills in trying to figure out how to fix the problem, we end up calling the repairman – the expert that will help us get back on track.In the IT Ops and IT Security worlds, the
Publish At:2016-11-12 22:57 | Read:5436 | Comments:0 | Tags:Featured Articles Security Configuration Management Change I

Advanced Malware Detection and Response Begins at the Endpoint

It’s no secret the security community is witnessing a boom in sophisticated techniques and attack campaigns. Some of the most advanced threats circulating in the wild today leverage polymorphic malware that changes its form based upon the environment in which it activates. As a result, signature-based detection solutions have a difficult time detecting
Publish At:2016-08-29 10:50 | Read:7930 | Comments:0 | Tags:Incident Detection digital threats EDR endpoint log manageme

SCM: Balancing Security, Availability and Performance

An organization’s computer network is never fixed. It is constantly changing. To illustrate, as a company continues to grow, it might adopt a different mission that requires the installation of new endpoints onto its network. Additionally, with the detection of new exposures, security teams will need to update all critical devices running the vulnerabl
Publish At:2016-08-17 06:20 | Read:8293 | Comments:0 | Tags:Featured Articles Security Configuration Management EDR endp

Looking at Configuration Management in a Different Light

When you hear the phrase ”Information Security,” the first thing that comes to mind to most people are topics like access control, application hardening and policy enforcement. While these are all valid areas that need consideration, there’s one element that remains that is not necessarily captured by those areas – the human element.Maintaining a secure infr
Publish At:2015-11-06 02:40 | Read:10889 | Comments:0 | Tags:Featured Articles Security Configuration Management BSides W

It’s Time for Security to Embrace DevOps and SDN

According to a test I just took, I type at a speed of 94 words per minute. While typing the 92 words required for that test, I made 3 different mistakes. That’s a 3% error rate. Apparently the average error rate is about 8%.As noted in 2007 by this fascinating (well, it was fascinating to me at the time) blog on average typing speed and rates:“The impl
Publish At:2015-09-03 15:25 | Read:12192 | Comments:0 | Tags:Featured Articles Security Configuration Management breach D


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud