cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 1 year ago
501
 
 
The original post: /r/cybersecurity by /u/blueCat1301 on 2024-10-10 19:35:19.

Hi,

We are a very small US start-up looking to get SOC2 certified. We already have a Drata subscription.

About us:

  • SaaS, pure API, no UI, no site where users can log in, just an API
  • Modern stack, AWS, G Suite, Slack, GitHub, etc.
  • Three-person team, two developers and one business person, all remote

Reasonably paranoid about security, but not experts. We have a good understanding of the basics, but we are not security experts.

We need the certification as a sales tool for some big corporate leads.

We would love someone who can practically do it for us. Someone who can say: for your business you should have these policies, these controls, etc. Ideally be on with us also during the audit.

Thank you.

PS: If this is not the right place to ask, please let me know where to ask.

502
 
 
The original post: /r/cybersecurity by /u/Bombardier143 on 2024-10-10 19:22:36.

I'm building a pipeline to automate some of the tasks in the initial analysis of a malware sample. I'm thinking of including capa.

I've noticed it sometimes giving me false information on capabilities of clean files. I don't have enough experience to know for sure how reliable it is.

If someone has any experience with it, is it a reliable tool?

503
 
 
The original post: /r/cybersecurity by /u/Patient_Mousse_1643 on 2024-10-10 18:50:28.

Hi everyone!

Recently we have been drowning in a sea of phishing attempts (software company, about 3300 employees). Our management finally woke up and green-lit a budget for a real email security solution.

We were all set to take Abnormal Security for a spin, but then some friends/colleagues started sharing mixed reviews. Now I'm second-guessing everything and wondering if we're the only ones struggling this much. Figured I'd tap the hive mind here.

So, lay it on me:

  1. What's everyone using these days to block those sneaky spearphishing attempts? Any products actually keeping up with the onslaught, or are we all in the same leaky boat?
  2. With all this AI-powered phishing madness, has anyone found vendors that are genuinely staying ahead of the curve, or is it a losing battle across the board?
  3. Any widespread nightmares or products that seem to be falling short for multiple companies? What should we steer clear of?

Darktrace and Avanan are on our radar too, but honestly, I'm open to anything at this point. If you've got war stories or insights on the current state of affairs, I'm all ears.

Thanks for any wisdom you can drop

504
 
 
The original post: /r/cybersecurity by /u/saga04 on 2024-10-10 17:21:51.

Can we trust them, as I do not see any white-labeled trust center link with them? Are US enterprises okay with trusting them, or does it not matter and what matters is a certificate?

505
 
 
The original post: /r/cybersecurity by /u/Regular-Scallion4266 on 2024-10-10 17:13:26.

I'm a senior finishing a bachelor's in cybersecurity, with an associate's in IT and certifications like CompTIA Security+. I interned for a year, starting in the helpdesk team and transitioning to cybersecurity, where I gained experience in networking, ITSM, and deploying laptops. The company is an insurance company across multiple locations. I've been with the info sec team for 2 months, I'm hoping they'll offer me a job soon, I'm in Southwestern VA if that makes a difference.

506
1
Job market (zerobytes.monster)
submitted 1 month ago by [email protected] to c/[email protected]
 
 
The original post: /r/cybersecurity by /u/Afraid-Size740 on 2024-10-10 17:01:27.

Hey folks, how are you finding the market at the moment? Senior professional here struggling to get a new role, so I wonder if anyone is facing the same?

507
 
 
The original post: /r/cybersecurity by /u/pancakebreakfast on 2024-10-10 16:56:59.

Attacks on large language models (LLMs) take less than a minute to complete on average, and leak sensitive data 90% of the time when successful, according to Pillar Security.

Pillar’s State of Attacks on GenAI report, published Wednesday, revealed new insights on LLM attacks and jailbreaks, based on telemetry data and real-life attack examples from more than 2,000 AI applications.

LLM jailbreaks successfully bypass model guardrails in one out of every five attempts, the Pillar researchers also found, with the speed and ease of LLM exploits demonstrating the risks posed by the growing generative AI (GenAI) attack surface.

“In the near future, every application will be an AI application; that means that everything we know about security is changing,” Pillar Security CEO and Co-founder Dor Sarig told SC Media.

508
 
 
The original post: /r/cybersecurity by /u/PeneiPenisini on 2024-10-10 16:50:18.

I was listening to Risky Biz a couple weeks ago and they had the guy from Push Security on. Ended up watching him do a demo of EvilnoVNC on YouTube. I usually only get to see the fallout from these types of attacks, but I love to get a picture of what the attacker sees to wrap my head around the whole thing. So my question: are there any people/channels out there that do regular demos of malware that aren't like hour-long deep dives?

509
 
 
The original post: /r/cybersecurity by /u/buy_chocolate_bars on 2024-10-10 15:56:18.

I work at a software company, and one of our clients in another country is requesting a photocopy of each employee's passport who will access the systems deployed on their network. I've never heard of such a request before, given that passports are sensitive documents. Has anyone else encountered this? How did you handle it?

510
 
 
The original post: /r/cybersecurity by /u/yo_heythere1 on 2024-10-10 15:49:48.

Is it normal for security managers to panic on every single alert that the vendor’s tools deemed as “critical” … I want to get insight if anyone else experiences the same, where critical/sensitive findings require an all-hands-on-deck war room. This can range from misconfigured accounts to malware found on a single host. Personally, I’m the type to do some research before starting any calls to see if it’s a false positive, like did the respective team legitimately run the exe or was there an authorized pen test.

Even I am still a novice to this field and am learning how to improve, but I cannot see myself working under management that panics without gathering some background information.

511
 
 
The original post: /r/cybersecurity by /u/CEPAORG on 2024-10-10 14:24:47.
512
 
 
The original post: /r/cybersecurity by /u/scertic on 2024-10-10 13:29:14.

Original Title: The 2023 World Economic Forum’s (WEF) Global Risks Report was not too much off from projected Cyber Risks - Back in 2023, Digital Dependence and Strong As The Weakest Link were in bold. It's Q4 of the projected year and we are already there. What are your expectations?

513
 
 
The original post: /r/cybersecurity by /u/tisme- on 2024-10-10 10:49:00.
514
 
 
The original post: /r/cybersecurity by /u/selmynnawhysea on 2024-10-10 09:28:18.
515
 
 
The original post: /r/cybersecurity by /u/towtoo893 on 2024-10-10 09:02:55.
516
 
 
The original post: /r/cybersecurity by /u/towtoo893 on 2024-10-10 08:45:24.
517
 
 
The original post: /r/cybersecurity by /u/jajajaline on 2024-10-10 05:14:18.

If you found evidence of actors in your environment and then decided to hire a firm to threat hunt, did you get enough info? Was it worth it?

518
 
 
The original post: /r/cybersecurity by /u/john217 on 2024-10-10 00:03:35.
519
 
 
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-10-09 23:17:52.
520
 
 
The original post: /r/cybersecurity by /u/Far-Web-4551 on 2024-10-09 21:07:17.

Can anyone confirm?

"Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!"

521
 
 
The original post: /r/cybersecurity by /u/FourD00rsMoreWhores on 2024-10-09 21:01:51.
522
 
 
The original post: /r/cybersecurity by /u/Alternative_Rush_817 on 2024-10-09 19:54:14.

I am a new Security Lead/Analyst for a medium-sized company that does not have a great security posture. One of the many things I have been tasked with is creating and aiding in enforcing policies that pertain to what standard procedure should be, should a user violate some security policy, i.e. fail a phishing test so many times. The company runs some internal security analysis/tests but does nothing with the info/results of any of it.

So, my question is, what is a typical or industry-standard way of handling these incidents? Is it just on the first violation they get an email/written warning, second is additional training, and so on? Or what do you guys recommend?

Thanks in advance for any advice or point in the right direction!

523
 
 
The original post: /r/cybersecurity by /u/NudgeSecurity on 2024-10-09 19:29:48.

It’s been around two years since ChatGPT exploded and AI use is still climbing—we’ve seen 900% growth in AI tool adoption since last (June/July). How have you approached security and governance for AI usage? What are you doing that’s working well? What’s not working for you?

524
 
 
The original post: /r/cybersecurity by /u/Cant_Think_Name12 on 2024-10-09 19:07:18.

Hi all,

Question for those of you who use Ontinue for a 24/7 external SOC, what are your thoughts? (Reference: Cyber Defense Center | Ontinue ION)

What are the pros of it, cons, pricing like?

How do you find their analysts and response/escalation times to be? Are their custom detection rules any good? Do they handle your internal incidents or only their own custom ones?

How is their alert tuning? What's included in a 'minimum' package?

Overall, I'm looking for any feedback on them to decide whether to go for them or not. Any insight would be greatly appreciated.

525
 
 
The original post: /r/cybersecurity by /u/CYRISMA_Buddy on 2024-10-09 10:57:05.