Lessons from the field: To the Left or Right of Boom?

Many in Cyber Security tend to focus on the security event (the “Boom”) and mitigating the impact after (to the right of) the Boom. To build true Cyber Resiliency, we need to spend as much, if not more, time to the left of Boom, building the processes for responding to the Boom or better yet, […]

Lesson from the field: Introducing Anti-goals to your project

I was talking to a client recently about a project we were working on and the term “Anti-Goal” popped up. We all know what goals are: the things that we are trying to accomplish. Anti-goals are those things we are trying to avoid. As we discussed the goals of the project, my client said “And of course we do […]

Upcoming Features for Cyences 1.10.0

Cyences 1.10.0 enriches the data for Office 365 by adding several new dashboard panels and alerts that cover a wide array of changes and updates which are extremely useful for security admins. “Splunk Admin Checks” has been added to the app’s navigation bar to improve the auditing experience for any administrator. The dashboards under Splunk […]

How to Create a Strong Password

1. Make Passwords Long
Password length is a primary factor in characterizing password strength. Passwords that are too short or are commonly used words and phrases are vulnerable to brute force attacks.
– NIST (National Institute of Standards and Technology)
– Reformed hacker Kevin Mitnick recommends 20-25 characters
2. How Do I Create A Strong Password? […]

Dealing with Security False Positives in Splunk (Enterprise Security)

SIEM tools are extremely useful for security engineers, but a major problem with SIEMs is false positives. No matter which SIEM tool an organization relies on, false positives are a common denominator across the board, since these security tools are generally built to support all environments. Security engineers often find themselves manually fine-tuning these […]

Cyences Version 1.6.1 Enhancements & Updates

Added a new Sophos Central endpoint metadata collection command
Device Master Table has been renamed to Device Inventory Table
Enhancements have been made to the Device Inventory Table, Asset Intelligence, Forensics, and Office 365 dashboards
New Linux/Unix report
Sophos Central
Sophos is highly recognized as a worldwide leader in next-generation cyber security. Cyences is set […]

Aspirational thinking vs. Reality

Javier to Manager: Can I work from Sudan for a month?
Manager: Will you have Internet access?
Javier: Yes for sure, my friend there said Internet is great and shouldn’t be a problem
https://crossrealms.com/wp-content/uploads/2021/07/VID-20210730-WA0010.mp4

Cyences App Fixes Splunk Integration with Palo Alto Networks

Palo Alto Networks' latest software update, known as PAN-OS 9.1, has officially changed the log format for VPN/GlobalProtect logs. This switch has resulted in Splunk users experiencing problems with populating their data for VPN/GlobalProtect related dashboards.
Palo Alto Networks Log Format Comparison for Splunk
9.0 Log Format
● Previously, GlobalProtect data was present in the […]

Six methods to protect your organization from ransomware

Businesses of all sizes are becoming targets of ransomware campaigns at blazing speed as cybercriminals, with increasing sophistication, hack into computer systems and mobile devices with the goal of stealing and/or locking companies out of their sensitive data to later demand a ransom for retrieval. The increase in attacks is alarming. In 2017, the […]