Is ModSecurity Dead? Answering the Question Head On. As with any mature and venerable technology, ModSecurity is facing its “Is It Dead?” stage, with some pundits assuming and proclaiming it dead ever since the Trustwave ModSecurity sunsetting and end of support announcement in 2021. We get asked the question a lot by folks who want […]
The Equifax data breach quickly arose to become one of the most notorious in history. It was large. Over 147 million people had their financial records exposed to hackers. At least as of March 2018 that was the number. It has been revised upward a number of times and there could be more. The data […]
Web application firewalls (WAFs) have become ubiquitous in our always connected, cloud-driven world. Any device that is exposed to the internet is vulnerable and WAFs can eliminate the risk of entire classes of attacks and vulnerabilities from ever threatening system security. However, not all WAFs and configurations are created equal. Good WAFs block what you […]
2017 brought even more focus on Linux platforms with the continued rise of cloud, containers, OSSEC and IoT adoption. The challenge confronting many IT departments is that the old security models and solutions don’t quite work in these new computing environments. Atomicorp stepped into this gap and introduced several new security solutions to help companies […]
Everyone has now heard about the Equifax breach. It impacted millions of Americans who will face significant financial and credit risk for years while costing three senior Equifax executives their jobs. There is even talk that a nation state could use the information to target individuals with access to classified information. However, for businesses that […]
There are two rules of a good web application firewall (WAF). Atomicorp CEO Mike Shinn talks about stopping attacks and not interfering with legitimate traffic in today’s video interview. He also discusses how failure along these two principles led directly to the Equifax hack. The Most Comprehensive Modsecurity WAF Atomic Secured WAF is […]
It’s kind of strange to suggest adding security to OSSEC. The OSSEC project has security in its very name. However, as surprising as it may sound, while OSSEC may do some things well, it doesn’t do everything and some things it does so very poorly. It can give you a false sense of security. It […]
Atomicorp has a long history with Plesk. My brother Scott and I were co-founders of Plesk in 1999. When we founded Atomicorp, we had Plesk users in mind. Just like Plesk made server management an easier task through automation, we set out to automate server security. People now understand that cybersecurity is everyone’s problem. It’s […]