Welcome to our new blog series, in which ReliaQuest teammates recommend interesting stories that you might find useful in your day to day jobs. This month, I’m joined by my colleagues, threat hunters George Paco and Jonny Elrod. Here is what we are reading. Rick’s Recommendation “Octosuite: A New Tool to Conduct Open Source Investigations […]
An influx of security tools and alerts, and ineffective and/or suboptimal detection, investigation, and response (DIR) processes have painted security operations (SecOps) in a chaotic light. Then, throw data and resources that are all over the place into the mix, and you’re potentially looking at a big mess—one that goes beyond the confines of an […]
Mergers and acquisitions (M&A)* are expected to grow in 2023 as companies take advantage of a turbulent economy. Cybersecurity should play a key role during the M&A process, from pre-deal due diligence to controlling risk during integration and operation phases. This blog provides some key lessons that ReliaQuest has learned over the years as we […]
Just like the threats we face, our industry is always changing and growing. That’s why I recently had the pleasure of hosting a webinar with my former Forrester Research colleague, Joseph Blankenship (or JB, as I like to call him), discussing “The Current State and Future Trends of Security Operations.” During the webinar, we had […]
Security operations centers (SOCs) today are inundated with the myriad threats that have proliferated since the shift to remote work, the move to the cloud, and the decentralization of networks. The task of finding, sorting, and combating them all (with limited resources) can be daunting. That’s why many look to technology to help them bear […]
An overview of how Log4Shell Works Tools available to ReliaQuest GreyMatter Customers A downloadable utility to assist with quickly identifying vulnerable AND very easily exploitable applications. The utility is available for direct download here, and includes instructions for installation and use Understanding how Log4Shell Works Log4Shell is a vulnerability in the Java Naming and Directory […]
Updated 12/29 A zero-day vulnerability involving the Log4j 2 utility was publicly disclosed on December 9, 2021, via the Apache GitHub. Log4j 2 is an open-source Java logging library integrated in many enterprise applications, as well as open-source software and other services. The widespread use and configuration variables make this is a high impact threat. ReliaQuest has […]
Vontier is a global industrial technology company focused on smarter transportation and mobility. With 150+ global locations serving a growing connected world, cybersecurity is a high priority. Chief among these concerns are phishing, ransomware, and supply chain attacks, according to Ryan Strohman, Vontier’s Global IT Security Lead – Client Protection. As part of our webinar […]