Blog

A Guide to Security Controls Validation

On a daily basis, security teams are confronted with the challenging responsibility of detecting and overseeing security vulnerabilities within their expanding attack surface. Ongoing digital transformation projects, the migration to cloud infrastructure, corporate mergers and acquisitions, and various other IT environment alterations consistently introduce the business to fresh risks. Enter Security Controls Validation - an

By |2023-11-08T16:21:17+00:00November 8th, 2023|Blog|Comments Off on A Guide to Security Controls Validation

Enhancing Cybersecurity with Threat-Informed Defense

In today's digital landscape, organizations face an ever-increasing number of cyber threats that can cause significant damage and disruption. To effectively protect their networks, systems, and data, organizations need a proactive approach that goes beyond traditional security measures. This is where threat-informed defense comes into play. Threat-informed defense is a strategic approach to cybersecurity that

By |2023-10-27T10:28:24+00:00October 27th, 2023|Blog|Comments Off on Enhancing Cybersecurity with Threat-Informed Defense

Understanding the Telecommunications (Security) Act

In our increasingly interconnected world, the security of telecommunications infrastructure has never been more critical. As technology advances, so do the threats and vulnerabilities that can compromise the integrity and privacy of communications networks. The continuous evolution of technology has led to a greater dependence on telecommunications systems for various aspects of our daily lives.

By |2023-10-18T12:42:06+00:00October 18th, 2023|Blog|Comments Off on Understanding the Telecommunications (Security) Act

NSA and CISA Red Share Top Ten Cybersecurity Misconfigurations

National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The Top 10

By |2023-10-05T20:42:42+00:00October 5th, 2023|Blog|Comments Off on NSA and CISA Red Share Top Ten Cybersecurity Misconfigurations

Snatch Ransomware: CISA Threat Advisory AA23-263A available for testing in Validato

Snatch Ransomware: CISA Threat Advisory AA23-263A is now available for testing in Validato for all existing customers. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a cyber threat advisory relating to Snatch Ransomware, an emerging Ransomware threat actor that first emerged in 2021 and has so far mainly targeted organizations in the Defense, Agriculture,

By |2023-09-21T10:29:31+00:00September 20th, 2023|Blog|Comments Off on Snatch Ransomware: CISA Threat Advisory AA23-263A available for testing in Validato

Threat-Informed Defense: What Is It and How to Implement It?

Many organizations struggle to gauge the true effectiveness of their security controls. Security measures frequently falter without detection and breaches still have significant consequences. Cybersecurity teams require a proactive and straightforward method to consistently monitor the actual performance of their security programs. To address this issue, adopting a Threat-Informed Defense strategy becomes crucial. Through ongoing

By |2023-10-06T15:23:22+00:00September 18th, 2023|Blog|Comments Off on Threat-Informed Defense: What Is It and How to Implement It?

What Is a Cyber Attack Simulation?

In today's digital landscape, where cyber threats continue to evolve and grow in complexity, the importance of cybersecurity cannot be emphasized enough. Organizations across various sectors face the constant risk of cyber attacks, which can have severe consequences ranging from financial losses to reputational damage. To effectively combat these threats, cybersecurity professionals employ a range

By |2023-06-27T10:41:13+00:00June 27th, 2023|Blog|0 Comments

Simulating BianLian Ransomware to Test Defences

On May 16th 2023, the US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) issued a joint advisory (Advisory AA23-136A) on the emergence of a new Ransomware group, calling themselves BianLian (after the infamous Chinese theatrical costume dances).  BianLian Ransomware has been active in a variety of industry sectors in

By |2023-05-18T14:12:34+00:00May 17th, 2023|Blog|0 Comments

Enhancing SIEM Detections With MITRE ATT&CK Simulations

Introduction Security Information and Event Management (SIEM) platforms are essential tools for detecting and responding to security threats. These systems can analyse and correlate data from various sources to identify potential threats in real-time. However, SIEM systems can become less effective when attackers use advanced or new techniques to evade detection and if they are

By |2023-04-06T09:48:34+00:00April 5th, 2023|Blog|Comments Off on Enhancing SIEM Detections With MITRE ATT&CK Simulations

Red Canary 2023 Global Top Threats Available to Test in Validato

Red Canary 2023 Global Top Threats Available to Test in Validato Validato is happy to announce that it has added the Red Canary Top Threats, as published in the Red Canary 2023 Threat Detection Report, to the Validato platform. This allows Validato customers to instantly test and validate their security control effectiveness and detection capabilities

By |2023-04-01T13:37:12+00:00March 27th, 2023|Blog, News|Comments Off on Red Canary 2023 Global Top Threats Available to Test in Validato
Go to Top