External Attack Surface Management and its Integration with Cybersecurity Operations

Recent news reminds us that vulnerabilities persist in critical infrastructure platforms targeted by financially motivated and state-sponsored espionage threat actors. We're constantly hearing about the exploitation of old and new vulnerabilities as part of cyberattacks. While vulnerability management may be challenging, we must be vigilant and look for ways to improve our cybersecurity defenses. Implementing … Continue reading External Attack Surface Management and its Integration with Cybersecurity Operations

Threat Intelligence Requirements

Originally posted August 1, 2022 By ttheveii0x on Security Risk Advisors blog UPDATED: January 24, 2023 Establishing Threat Intelligence Requirements should be one of the first things organizations do when starting a Cyber Threat Intelligence (CTI) program. It is possible to establish CTI requirements with a CTI program already in place. Threat intelligence requirements provide … Continue reading Threat Intelligence Requirements

Defining Cyber Threat Intelligence

Cyber Threat Intelligence (CTI) is not a new area of cybersecurity, but uncertainty about what CTI is remains a question throughout the community. If you ask ten people to define CTI, you will likely hear eight to ten (8-10) different definitions. It’s very concerning that this is the current state of understanding. To test the … Continue reading Defining Cyber Threat Intelligence

Malware Analysis: A General Approach

Originally posted February 5, 2021 By ttheveii0x and Jonas Eichinger on Security Risk Advisors blog UPDATE: Rewritten on January 5, 2023 TL; DR Malware analysis has many benefits for organizations and cybersecurity operations; however, most organizations have not defined processes for performing malware analysis. This post walks through the questions that malware analysis can answer … Continue reading Malware Analysis: A General Approach

What’s ahead for Cybersecurity in 2023?

Instead of speculating on what might be in store for cybersecurity in the year ahead, now is a great time to set goals that will enable your organization to improve its cybersecurity program over the next year. What is your organization planning to accomplish in 2023?Are you incorporating lessons learned from 2022? This brief post … Continue reading What’s ahead for Cybersecurity in 2023?