The Boardroom Isn’t Ready for the Next SolarWinds
Attacks like Log4j, SolarWinds and Colonial Pipeline have board rooms across the nation questioning their preparedness in combating cybersecurity risks. What can boards do now to be more effective for the next ...
Getting Ahead of Log4Shell-enabled Cyberattacks: New Attack Scenarios and Technical Recommendations
Newly developed MITRE ATT&CK-aligned scenarios test your security controls using AttackIQ’s Network Control Validation Module and the AttackIQ Anatomic Engine, emulating the adversary with specificity and realism to validate your compensating controls ...
Validate Your Cyberdefenses against Log4Shell with MITRE ATT&CK®
This article focuses on helping organizations to assess the effectiveness of their compensating controls, enable a threat-informed defense with breach and attack simulation plus the MITRE ATT&CK framework, and interdict the adversary ...
Prioritize and streamline vulnerability management through a threat-informed defense, with new research from the Center for Threat-Informed Defense and the MITRE ATT&CK framework as a foundation.
Jonathan Reiber | | Blog, Center for Threat-Informed Defense, CVE, cyberdefense, Cybersecurity, MITRE ATT&CK, Vulnerability Management
In today’s information age, where almost every transaction is digitized, organizations face hundreds–and in some cases thousands–of vulnerabilities. The U.S. Department of Defense even kept a running list of all of its ...
10 Things You May Not Know About Purple Teaming
We’re familiar with red teaming and blue teaming, but have you heard about purple teaming? This blog dives into facts you may not be aware of around this new team construct meant ...
Don’t treat cybersecurity hygiene like your car engine light
ESG recently released the key findings of its Security Hygiene and Posture Management Survey, which polled approximately 400 cybersecurity professionals in North American enterprises. Three takeaways stand out: Organizations are struggling to ...
What To Do in the Case of Brand Reputation Impersonation
Recently, AttackIQ was notified that an Iranian threat actor had created a fake domain and fraudulent website (attackiq[.]ir) impersonating AttackIQ and abusing the company brand. This blog is an account of what ...
Our message to cybersecurity teams: We’ve got your six.
The rapid growth in our company isn’t just because we have the best platform for breach and attack simulation (we do). It’s because no other company is as invested as we are ...
“Zero Trust But Validate.” It’s not enough to deploy a zero trust architecture. You need to continuously validate that it works.
Jonathan Reiber | | adversary emulation, Blog, Cybersecurity, MITRE ATT&CK, validated zero trust, zero trust
To echo a famous Russian proverb, "trust but verify," it's not enough to implement a zero trust architecture. Continuous testing is the only way to achieve real cybersecurity readiness. The post “Zero ...
Meet AttackIQ Vanguard: Helping security teams identify control gaps before the adversary does.
As organizations react to constantly changing and challenging situations today, they need to be confident they can still meet their business objectives while controlling risk. The post Meet AttackIQ Vanguard: Helping security ...