Podcast: What Are Cyber Security Red Teams and Why They Exist

Posted on by cody woods

Cyber Security Red Teams have become a common tool for testing enterprise cyber security. They attempt to penetrate security defenses as if they were hackers. Red Teams are motivated to be creative and determine the best way to circumvent security measures in place, sometimes by any means possible. Mike has been red teaming since the […]

Podcast: Why Do Hackers Hack? It’s Not Why You Think

Posted on by cody woods

Why do hackers want to break in? It’s a question that has been asked in lots of different ways. From why would they want to? Why would they care? And this is a really good question to ask yourself and to try and understand because often times people tend to look at what they’re protecting […]

Podcast: What Is Virtual Patching and How Can It Enhance Security

Posted on by cody woods

Virtual patching is a way of implementing a security policy to eliminate or mitigate a vulnerability. It is not actually patching, but is a way to do something quick and external to the application. Why not just use a patch? Sometimes there is no patch available and other times speed is of the essence. And, […]

Podcast: What Are SQL Injection Attacks?

Posted on by cody woods

SQL Injection Attacks are a method for taking advantage of flaws in the way an application is written. In particular, they exploit application vulnerabilities that offer direct access to databases. Mike Shinn, CEO of Atomicorp, has employed SQL injections in cyber security Red Team exercises and built countermeasures that defend against them. In this week’s […]

Podcast: Common Vulnerabilities and Exposures or CVEs Explained. What They Are and How They’re Used

Posted on by cody woods

The Common Vulnerabilities and Exposures (CVE) system is a critical tool for the cybersecurity industry. CVEs provide consistency in naming and clarity on the nature and impact of various vulnerabilities. In this week’s Linux Security Podcast, Atomicorp CEO Mike Shinn discusses the origin and management of the CVE process, how it’s used by cybersecurity professionals […]

Podcast: Efail Vulnerability and Its Impact on Encrypted Email

Posted on by cody woods

The Efail vulnerability has been in the news and has many people rushing to remove encryption from their email clients. The security vulnerability does impact S/MIME and PGP users, but only a subset. That means a lot of people are removing encryption from their email unnecessarily and putting themselves at risk. Atomicorp CEO Mike Shinn […]

Podcast: What Is File Integrity Monitoring (FIM)?

Posted on by cody woods

File Integrity Monitoring is designed to notify you when files have changed on a system. It was one of the very first security detection capabilities in existence and is almost as old as passwords. FIM for PCI DSS Compliance and Other Security Protocols FIM has also been incorporated into many regulatory and security protocols. Mike […]

Podcast: What is a Brute Force Attack?

Posted on by cody woods

A Brute Force Attack is one of the oldest cyber attacks. It was even featured in the 1980’s thriller, War Games. In this episode, Mike Shinn walks through how a Brute Force Attack works, reviews some different flavors of attacks and how to defend against them Atomicorp provides unified workload security for cloud, data center […]

OSSEC Conference Video: File Integrity Monitoring and OSSEC

Posted on by cody woods

File Integrity Monitoring is the process of validating the integrity of operating system or application software files using a verification method based on the comparison of the current file state and a known good baseline. Dan Parriott is an OSSEC contributor who has been using the open source solution since 2006. He is a self-proclaimed […]