Foregenix-Logo-Horizontal-Colour
Free Webscan

Cybersecurity Insights

Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 2) - Incident Response vs Incident Readiness

18/04/18 10:57

This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have.  In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.

80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place.  In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 1)

09/04/18 11:53

How you respond to any incident can have a dramatic effect on the overall outcome and its potential on going impact.  Over this two-part series Foregenix will look to answer the question – “How well will you respond when it really matters?” covering Incident Response and the often-overlooked gap that is ‘Intrusion detection’ or as we like to call it ‘Incident Readiness.’

Read More
David Kirkpatrick

You are the Weakest Link … Goodbye!

16/03/18 16:31

Historically, customers have used penetration testing to test the security of their infrastructure from an external or internal perspective. For a long time, this has been the ‘de facto’ standard to test for security vulnerabilities. However, we (penetration testers), have been aware for quite some time that this is not the full story.

Read More
Kirsty Trainer

Women of Cybersecurity [#InternationalWomensDay]

08/03/18 13:55

Women’s representation in Cybersecurity is often a topic of discussion. As we speak, RSA Conference is being criticized for its lack of female keynote speakers with hundreds of Tech firms backing a rival event which promises to feature more women. 

Read More
Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 2) - Incident Response vs Incident Readiness

18/04/18 10:57

This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have.  In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.

80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place.  In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 1)

09/04/18 11:53

How you respond to any incident can have a dramatic effect on the overall outcome and its potential on going impact.  Over this two-part series Foregenix will look to answer the question – “How well will you respond when it really matters?” covering Incident Response and the often-overlooked gap that is ‘Intrusion detection’ or as we like to call it ‘Incident Readiness.’

Read More
David Kirkpatrick

You are the Weakest Link … Goodbye!

16/03/18 16:31

Historically, customers have used penetration testing to test the security of their infrastructure from an external or internal perspective. For a long time, this has been the ‘de facto’ standard to test for security vulnerabilities. However, we (penetration testers), have been aware for quite some time that this is not the full story.

Read More
Kirsty Trainer

Women of Cybersecurity [#InternationalWomensDay]

08/03/18 13:55

Women’s representation in Cybersecurity is often a topic of discussion. As we speak, RSA Conference is being criticized for its lack of female keynote speakers with hundreds of Tech firms backing a rival event which promises to feature more women. 

Read More