ReliaQuest
How to Eliminate Security Tool Sprawl
This blog spotlights a section of the 2021 Security Technology Sprawl Report. INSIDE Technology sprawl can worsen your skills gap. Your security tools probably don’t play nicely together. How to address the tech sprawl problem. Security tool sprawl is a growing problem. Security team members and business leaders often turn to new tools […]
What Is Ransomware? A Definition and Some History
Ransomware is a piece of malicious software that locks your data until you pay the hacker behind the attack. This is sometimes the creator of the software, but not always. There are off-the-shelf ransomware programs floating around the dark web that even low-skilled bad guys can customize for their own uses. Ransomware can enter your […]
What Is Managed Detection and Response (MDR)?
Managed detection and response (MDR) is an outsourced approach to cybersecurity where third parties handle threat monitoring, detection, and response. Specifically, the MDR model pairs endpoint detection and response (EDR) or endpoint protection platforms (EPP) with real-time monitoring and detection of ransomware, malware, and other security intrusions with rapid incident response to address and eliminate […]
What Is XDR (Extended Detection and Response)?
XDR stands for extended detection and response and is a cross-platform threat detection and response strategy. XDR is a new category that’s been generating a lot of hype in the world of cybersecurity, and for good reason: Some of its hallmarks include centralization of normalized data, correlation of security data and alerts into incidents, and […]
What Is Phishing?
Phishing is the practice of stealing credentials by masking malicious intent behind the appearance of something innocuous. An email that looks like it’s from a social network asking you to reset your password is one of the most common versions. Once a user submits their credentials, attackers then use the victim’s account to spread the […]
ReliaQuest’s Experts Weigh In: 2021 Cybersecurity Predictions
This past year has certainly thrown some curveballs at security professionals. With new threats tied to current events like the COVID-19 pandemic and the United States presidential election, organizations have had to re-evaluate their security strategies and shift priorities, and this new focus will undoubtedly carry into the new year. Perhaps the greatest reveal that […]
Giving Back and Giving Thanks to the Community
There’s no doubt that 2020 has proven to be a challenging year for individuals, families, and organizations across the globe. At ReliaQuest, we’ve always valued community roots, and this year especially we’ve been on the lookout for opportunities to spread positivity, help others, and give back in any way that we can. Join us as […]
Credential Dumping Part 2: Credential Theft Prevention in Windows
Credential theft is part of almost all attacks within a network, and one of the most widely known forms of credential stealing is surrounding clear-text credentials by accessing lsass.exe. However, this is only a piece of the bigger picture of the Windows credential model. In Part 1 of the Credential Dumping Series, I took a closer […]
Credential Dumping Part 1: A Closer Look at Vulnerabilities with Windows Authentication and Credential Management
For many of us in cybersecurity, we know that credential theft is part of almost all attacks within a network. Arguably, one of the most known forms of credential stealing is surrounding clear-text credentials by accessing lsass.exe. Almost synonymous with credential dumping is the popular tool Mimikatz, which is able to access the LSASS (Local Security Authority […]
