A cybersecurity incident response team (also known as CSIRT) is a team of cybersecurity experts available to deal with an incident occurring in an organisation. The team can be either internal or external, this depends on the nature of the incident and whether the team is equipped to deal with it effectively.
find out more
Used by organisations to detect and prevent malicious activity in an organisation, Network Detection and Response describes a category of security solutions that are used to investigate and mitigate the risk of attackers. It is a progressive security solution providing a centralised machine-based analysis of network traffic and response solutions.
NDR solutions provide a single solution for visibility across on-prem, remote, and cloud environments.
Find out moreHow can you ensure you have outsourced your penetration testing requirements to the right provider?
Find out moreSIEM (Security Information and Event Management) is one of many approaches to security management. It combines SIM (Security Information Management) and SEM (Security Event Management) to aggregate data from a variety of sources as well as identify any deviations and act against them.
Find out moreThe ability to detect and respond to threats quickly and effectively is crucial for maintaining the health and security of the hardware, networks and software maintaining the confidentiality, integrity and availability of enterprise, data and software assets in your business.
Find out moreFor protecting endpoints such as workstations and servers, antivirus protection has been the traditional go-to. However, with Endpoint Protection and Response (EDR), next-generation protection is available to organisations.
Find out moreOn June 8th, 2021, Microsoft released their scheduled weekly security update; contained within this release was a patch for a Print Spooler service (spoolsv.exe) vulnerability CVE-2021-1675. The vulnerability had initially been deemed a low-risk Escalation of Privilege (EoP) exploit. However, Microsoft unexpectedly upgraded it to a high-risk Remote Code Execution vulnerability that would allow authenticated […]
Find out moreOver the last year, the technological landscape has changed dramatically across the globe. More businesses than ever are investing in large and robust infrastructures, but the unfortunate truth is severe, and high-level cybersecurity weaknesses are more common today in 2021 than in 2020.
Find out moreFrequently, websites have outdated software containing known security vulnerabilities this is a security risk that can be avoided. Carrying out regular software updates and ensuring that you are using the latest version of the software will typically remediate these issues by installing security patches and increasing your website security.
Find out moreOn May 27th, the Microsoft Threat Intelligence Centre (MSTIC) announced that ‘NOBELIUM’, the threat actor behind the SolarWinds compromise, had instigated another attack in the form of a persistent and evolving phishing campaign. Conducted in increasingly complex stages, this campaign has been active since January 2021. This is since the MSTIC first became aware of the operation.
Find out moreA Security Operations Centre (SOC) is a service that is used to monitor, detect, and respond to security incidents and events across an organisation’s infrastructure. Cyber-attacks and data breaches, organisations, companies, are an inevitable part of our digital world and enterprises of all sizes need to place emphasis on their ability to detect and respond […]
Find out moreIn the early hours of May 14th it was revealed that a sophisticated ransomware attack had taken place against the IT systems of the Irish Health Service Executive (HSE). Information is still coming to light, but it is known that a human-operated, externally based threat group deployed a variant of the ‘Conti’ ransomware this ransomware […]
Find out more