• All
  • Company
  • Industry
  • News
  • Partners
How Cloudflare Security does Zero Trust

Throughout Cloudflare One week, we provided playbooks on how to replace your legacy appliances with Zero Trust services. Using our own products is part of our team’s culture, and we want to share our experiences when we implemented Zero Trust. Our journey was similar to many of our customers. Not only did we want better security solutions, but the tools we were using made our work more difficult than it needed...

Read More
Five Questions to Ask Before Choosing an MDR Solution

As the name implies, Managed Detection and Response (MDR) is a cybersecurity service providing detection and response capabilities that minimize the impact of an incident. But what does that mean? We’ll dig into the topic and share questions you should ask your service provider. MDR is a combination of technology and services. The technology provides a range of protection, detection, and response capabilities. The Managed piece consists of technology and services: ...

Read More
Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers

Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilities in NTLM that allow remote code execution and other NTLM attacks where attackers could exploit vulnerabilities to bypass MIC (Message Integrity Code) protection, session signing and EPA (Enhanced Protection for Authentication). The PetitPotam vulnerability, combined with AD-CS relay, is one of the recent severe NTLM relay variations the CrowdStrike Identity Protection research team have seen, which indicates its...

Read More
The Impact Continuous Security Validation has on Security Operations and Incident Response

For organizations that have limited internal resources and security staff, their focus is primarily on attack prevention. The set of automated security validation rules needs to be simple to use and deploy. At a minimum, the security control validation must be automated and provide prescriptive mitigation roadmaps to optimize security control resiliency, as well as threat intelligence operationalization. For more mature organizations with greater security resources and infrastructure, the benefit of...

Read More
Prevention is the Cure: How to Resolve Incidents Before They Occur

Why we need a new approach to endpoint management  By: Michael Martins, VP Partnerships, Tanium Global organizations are spending more money than ever on cybersecurity. The latest estimate put this outlay at an average annual sum of $5.3 million, up 250% since 2019. Yet, at the same time, 85 percent of Canadian companies experienced at least one cyberattack in 2021. And some ransomware groups are making hundreds of millions by exploiting...

Read More
Camp Secure Sense 2019 Recap

Thank you to everyone who made it out to Camp Secure Sense 2019! We appreciate each and every one of you that took time out of your professional and personal lives to come celebrate our 5th year anniversary. This event wouldn’t be possible without you all! Our day kicked off with Peter, our CEO, leading the opening ceremonies. From there Campers went right into the high energy morning icebreaker – Security Speed...

Read More
Protect Your Data With Super Easy File Security Tricks!

By: Andy Green Data security is an all-encompassing term. It covers processes and technologies for protecting files, databases, applications, user accounts, servers, network logins, and the network itself. But if you drill down a little in your thinking, it’s easy to see that data security is ultimately protecting a file somewhere on your system—whether desktops or servers. While data security is a good umbrella term, we need to get into more...

Read More
The Canadian Bacon Series: Creating a Supported Security Architecture

by: Jason Maynard As security practitioners we pride ourselves on our ability to respond quickly to remediate threats and minimize the impact they have on our business. We all know at some point a breach will happen. But the constant challenge of tight budgets, fragmented security technologies, and lack of automation doesn’t make the job any easier for Canadian security professionals. Imagine leveraging many technologies and batting down thousands of threats a...

Read More
APT shutout: Building for the Cyber Security Playoffs

By: Matthew Balcer – SentinelOne Canada Most CIOs, CSOs, Security Analysts, Security Admins wake up every morning assuming that the solutions they’ve put in place, the solutions they have invested in on behalf of their organization, have kept their environment safe. This seems more like a general with his troops standing in a room with a ticking timebomb watching the clock hoping the triggering mechanism will fail. Over 80% of Canadian companies...

Read More
Let’s Get Offensive – The Pros and Cons of Diverse Security Testing Methods

Most IT teams only know if they are protected against a cyber attack when one actually occurs. Organizations spend considerable resources to ensure that they have the best defenses in place. Yet the only way to ascertain those tools’ effectiveness is by launching an offensive. Combining defensive and offensive attack strategies enables you to challenge your security infrastructure and ensure that when the moment of truth comes, your organization will...

Read More