Rising of Smart City Initiative across countries
For those who are reading and will notice for the rising of countries and nations undertaking “smart city” initiative, one after another. A smart city is an urban area that uses different types of electronic data collection sensors to supply information which is used to manage assets and resources efficiently (in modern term, leverage of Internet of Things – IoT sensors
Machine Learning Penetrate Construction Industry
Machine learning (ML) that people always confused with AI, has been portrayed in movies and other media so often that it’s gathered quite a mythology about it. From fears that it will take over the world, to curiosity about whether an AI can be sentient, it’s easy to get caught up in a fantasy land
Internet of Medical Things (IoMT), or Healthcare IoT, refers to a connected infrastructure of medical devices and software applications that can communicate with various healthcare IT systems.  As an example, this can be thought of as simple as someone who wears a FitBit to track his or her steps; that step count is tabulated on
Tagged under: , ,
AI take over IT job

Impact of AI on Massive Unemployment

Artificial intelligence (AI) has large potential to contribute to global economic activity. In particular for automating previous human intensive activity and result in less Human Resources required for certain job function and area. The role of artificial intelligence (AI) as tools or part of digital transformation (DT) strategy use in business had the huge impact.
5 Things Your ISMS Needs to Be Effective

5 Things Your ISMS Needs to Be Effective

What to do in any serious effort is the Information Security Management System (ISMS) – processes, documents, technology and people systems that help manage, monitor, audit and improve the security of your organization’s information. It helps you manage all your security practices in one place, consistently and cost-effectively. The ISO 27001-compliant ISMS relies on regular
The Benefits of Implementing an ISMS

The Benefits of Implementing an ISMS

An ISMS is a set of policies, procedures, processes and systems that manage information risks, such as cyber attacks, hacks, data leaks or theft. ISO 27001 is the international standard that provides the specification and requirements for implementing an ISMS. The benefits of implementing an ISMS is: Secure your information An ISMS helps protect all
The goal of Information Security Management System(ISMS) is to protect the information that differentiates your business, both online and in person. It helps to manage information in all its forms, including digital, paper-based, intellectual property, corporate secrets, data on devices and in the Cloud, hard copy and personal information. It helps companies defend themselves from technology-based
Information Security Management System (ISMS)
What is ISMS? The Information Security Management System (ISMS) is systematic and structured approach to managing information so it’s safe. ISMS Implementation includes policies, processes, procedures, organizations structure and function of software and hardware. ISMS implementation should be directly influenced by organizational objectives, security requirements, processes used, size and structure. Why we need ISMS? Their
WhatsUp Gold 2018 Product Overview by E-SPIN, What are the challenges of General Data Protection Regulation
What are the challenges of General Data Protection Regulation 1. Many new requirements It’s the EU legislators’ firm intent to increase the accountability of any person processing personal data. How? By imposing responsibilities and requiring to demonstrate compliance therewith at all times. For instance, to encourage transparency, various obligations will regulate information, access and communication
Qualys Continuous Monitoring Product Overview by E-SPIN
Red and Blue teams ideally work in perfect harmony with each other, as two hands that form the ability to clap. Like Yin and Yang or Attack and Defense, Red and Blue teams could not be more opposite in their tactics and behaviors, but these differences are precisely what make them part of a healthy
How To Manage Open Source Risk with SCA?, Best practices for data privacy GDPR and beyond
With the EU General Data Protection Regulation (GDPR) going into effect, now is a great time to re-evaluate how you approach data protection—regardless of where you do business. Our goal is to support your GDPR compliance efforts, all while continuing to improve your visitor experience. Ready for some suggestions that improve data privacy and visitor
10 Benefits to Using a Virtual Assistant, 5 Benefits GDPR Compliance Will Bring To Your Business
5 Benefits GDPR compliance will bring to your business: Benefit One: Enhance Your Cybersecurity There is no company in the world that can afford to take the risk of cybersecurity ignorance, given the costs of data breaches and business downtime caused by theft or loss of critical data. It does make sense to take data
Retina CS Technical Overview by E-SPIN, Main aspects of the General Data Protection Regulation
A public administration is subject to the rules of the GDPR when processing personal data relating to an individual. It is the responsibility of the national administrations to support regional and local administration in preparing for the application of the GDPR. Most of the personal data held by public administrations is usually processed on the
what-is-a-data-center-automation, What is General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and
Solarwinds Network Performance Monitor Product Overview by E-SPIN, The Best File Integrity Monitoring Approach: Integration with SIEM
The insight gained through File Integrity Monitoring (FIM) is best used when it is fed into the broader event stream from log data collected from various parts of your network (workstations, servers, domain controllers, file servers, antivirus software, IDS/IPS systems, etc.). This data can be correlated to produce situational awareness between diverse events. In the
Challenges with File Integrity Monitoring
Challenges with File Integrity Monitoring There are typically two approaches to file integrity monitoring (FIM). 1. Hash-based File Integrity Checking: Scans critical files on systems on a regular schedule and alerts admins about detected changes by comparing the hash to the previous version. The alternative to this is you need to schedule this task to
Best practices for successfully managing third-party risk, 7 Features You Need in a File Integrity Monitoring Software
7 Features You Need in a File Integrity Monitoring Software: 1. Multiple Platform Support It’s not uncommon for a typical enterprise today to run on Windows, Linux, Solaris, AIX or even HP-UX. For this reason, it’s best to look for an FIM solution than can monitor multiple platforms without incompatibility issues. 2. Easy Integration The
Server-and-Software/Application-Layers on-Data-Center-and-Orchestration, Why do you need File Integrity Monitoring
Do i Need File Integrity Monitoring? To put it simply, yes. The reality is that no matter the size of your organization, or the number of security countermeasures you have in place, with the increasing sophistication and diversity of modern threats means that it’s only a matter of time until your organization has been compromised.
Red Hat Enterprise Linux Product Overview by E-SPIN, What is File Integrity Monitoring

What is File Integrity Monitoring (FIM)

What is File Integrity Monitoring (FIM) Today, most IT systems that store and process information use file-based architectures. The core operating system and applications binaries, system and application configuration data, organizational data, and logs are stored in files. These files ultimately: Determine how the operating system, its subsystems and hosted applications should operate; Track (in

Differences in Red, Blue and Purple Team

There is some confusion about the differences of Red, Blue, and Purple teams within Computer Security. The purpose of a Red Team is to find ways to improve the Blue Team, so Purple Teams should not be needed in organizations where the Red Team / Blue Team interaction is functioning properly. Red Teams are external entities

Defense In Red Team

Defense in red team isn’t just about finding holes but to continue the sports analogy, a good red team engagement will also provide a playbook to improve that defense in the future. Effective red teaming operations don’t end with the discovery phase. You want to work with a red team consultant that offers remediation assistance
Tagged under: ,
Monitoring the Performance and Diagnostics of Network, 15 Indicators of Compromise on your network
15 Indicators of Compromise on your network. Most people don’t like to compromise; people dislike it even more when it jeopardizes our network.  Below we highlight the ways you can see a compromise coming and perhaps even stop it before it becomes an incident. Unusual Outbound Network Traffic You may not be able to keep people
Tagged under: ,
5 Keys To Conquering Container Security

5 Keys To Conquering Container Security

Containers present a golden opportunity to take bake security into development and operation processes.When it comes to enterprise application development, security is still a concern, comes just before the release is used. The rapid application of software provides a rare opportunity for security to move upstream (or in conversation, to facilitate shift left) and to
Tagged under:
VMware Horizon 6 Product Overview by E-SPIN, Three Ways Indicators of Compromise Help SOC Teams
Three Ways Indicators of Compromise Help SOC Teams Threat Intelligence plays a major role in the modern Security Operations Center (SOC). This threat data can help analysts to detect security incidents earlier, take more informed actions, and implement security controls to defend against known threats. Threat Intelligence includes context about threat actors, their intentions and
Tagged under: ,
What is Software Defined Security for SDN?, Reasons why behavior based IoC enhance security
Reasons why behavior based IoC enhance security Attackers are tricky Today’s attacks are increasingly fileless, meaning they don’t rely on having to write or download a file to infect the target device/system. Instead, they use the services that already exist on the device/system to perpetrate their exploit.  There are no specific strings, names, addresses or
Tagged under: ,
Start with the beachhead. In most situation where there is long term breach, there is a beachhead; the system attackers use to get into and maintain access to the network. This is the primary thing you want to find. Hackers generally install an implant such as a Remote Access Tool (RAT), rootkit, or backdoor on
Tagged under: ,

Red Team

Red team is a group of white-hat hackers that attack an organization’s digital infrastructure as an attacker would in order to test the organization’s defenses (often known as “penetration testing“). Companies including Microsoft perform regular exercises under which both red and blue teams are utilized. The use of cyber red teams provides “real-world attack simulations designed to assess and significantly improve the
Tagged under:
Taking a Comprehensive Approach to Container Security
Potential attack vectors that threaten containerized applications can be grouped into several types: Threats to the Build Environment The built environment should be at the top of your security checklist, especially as developers can not expect all to be security experts. Developers have an interest in building products as quickly as possible, meaning that they
Tagged under:
15 Tips for a Run-time Container Security Strategy
There have been many recent discussions on container security, but mostly focus on image scanning or host security and OS. The lack of enterprise security tools for the former has led people to focus too narrowly. It’s like an old saying “when all I have is a hammer, it all looks like nails.” Security is
Tagged under:
Indicator of compromise, IOC
Indicators of compromise (IOCs) are “pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.” Indicators of compromise aid information security and IT professionals in detecting data breaches, malware infections, or other threat activity. By monitoring for indicators of compromise (IOCs), organizations
Tagged under: ,