Channel: Auditing and Compliance – Algosec
Browsing latest articles
Browse All 150 View Live


Tips for auditing your AWS security policies, the right way

My colleagues and I have previously blogged quite a bit about best practices for setting up and managing security in your AWS estate. Now it’s time to talk about auditing this environment. Because its...


Business Driven Security Management: Putting Theory into Practice

Modern business is all about agility: organizations operating under competitive conditions must act and move fast to remain profitable. And that also applies to the applications that drive the...


Why and how to align vulnerabilities with business risk for PCI-DSS compliance

It is well known that any organization that handles payment card data must comply with the PCI DSS regulatory framework. This standard comprises 12 main requirements which cover areas including...


The five stages of security policy management

Many organizations believe that Security stands in the way of the business – particularly when it comes to changing or provisioning connectivity for applications. It can take weeks, or even months to...


The Top 10 AlgoSec Blog Posts From 2017

As we kick off the new year, I’ve taken a moment to take stock of our blog posts from the past year. There was certainly no shortage of talking points in cybersecurity last year, and we touched on a...


Are you wasting time in network security?

Maintaining and managing IT security is critical for any organization, but how much of this time is well spent, and how much time is lost as a result of inefficient processes? According to recent...


Network Computing on AlgoSec: “takes the pain out of network security and...

We’re delighted to receive another outstanding review of AlgoSec, this time in the leading UK IT title, Network Computing. In the review, the tester asserted that “AlgoSec’s Security Management...


“Invaluable to our information security department” – what real users think...

In today’s threat landscape, finding the right solutions to improve your organization’s security posture is more important than ever before. So how should you evaluate those solutions and cut through...


We want to meet you at RSA …so what’s in it for you?

If you’re going to RSA in San Francisco next week I would love to meet you there! Here’s a quick rundown of what’s happening at our booth #1127. The fun stuff: You’ll get to play a fun game, and can...


Getting it right in the cloud: The AWS bucket list for security

With organizations having a seemingly insatiable appetite for the agility, scalability and flexibility offered by the cloud, it’s little surprise that one of the market’s largest providers, Amazon’s...


Five next-gen security tools to consider for your cloud-ready infrastructure

The modern data center has truly evolved. We’re now seeing the emergence of a truly interconnected cloud platform spanning numerous heterogeneous platforms. Throughout all of this – security continues...


Let’s Put Down Insecure Protocols For Good

Okay, we all have them… they’re everyone’s dirty little network security secrets that we try not to talk about. They’re the protocols that we don’t mention in a security audit or to other people in the...


Keep Calm and Be Prepared: Know Your CSIRT

Picture this: A phone call wakes you, the CTO, at 6am on a Saturday morning. It’s a reporter from a large newspaper asking about your data breach. You have no idea what the reporter is talking about...


Three Tips for Creating an Effective Security Change and Process Control...

We’re at the stage where modern enterprises now directly rely on their data center to run their businesses. And security – protecting what’s actually living in the data center – is one of the most...


Avoid The Traps: What You Need To Know About PCI’s Requirement 1

So you’re going through a PCI assessment for the first time and you start reading through the requirements mandated by your Qualified Security Assessor (QSA) and the PCI Council auditor. Naturally you...


Are You Positive Your PoS is Secure?

As we have recently seen in the news, Point-of-Sale (PoS) systems have become a prime target for hackers. While debit and credit card transactions have increased exponentially every year, security of PoS...


Avoid the Traps: What You Need to Know about PCI Requirement 1 (Part 2)

We’ve now reached part two of our three part series on PCI Requirement 1. In our previous blog post we reviewed the 1.1 sub-requirement which covers firewall and router configurations. In this post...


Avoid the Traps: What You Need to Know About PCI Requirement 1 (Part 3)

So we’ve made it to the last part of our blog series on PCI 3.0 Requirement 1. The first two posts covered Requirement 1.1 (appropriate firewall and router configurations) and 1.2 (restrict connections...


Don’t Know How to Stay on Top of Corporate Security Policy Compliance? Start...

For many IT security professionals, compliance goes way beyond meeting regulatory standards. Increasingly, many companies, particularly those in the financial sector, have taken a harder stance and...


Selecting the Right IaaS Platform: 8 Tips to Help Ensure You’re Secure

With its flexibility and cost savings, cloud computing is now here, and whether you know it or not, you’re most likely using it one way or another. At least some of your data, whether personal or...


Are You Guilty of the Seven Deadly Sins of Security Policy Change Management?

Managing ever-growing network security policies is not getting any easier. We are facing more threats, greater complexity and increased demand for both security and application connectivity. However,...


Mitigating Gartner’s Network Security Worst Practices

Welcome to our special blog series: Mitigating Gartner’s Network Security Worst Practices. Over the course of more than 3,000 client interactions in the past year, Gartner has observed several common...


Firewalls, Breaches and the 2015 Verizon PCI DSS Report: What You Need to Know

According to the recently released Verizon 2015 PCI Compliance Report “27% of organizations that suffered a data breach in 2014 were compliant with Requirement 1 [of the PCI DSS standards] at the time...


What’s in a Plan? Tips from a Security Expert on How to Develop an Effective...

Recently I had the opportunity to sit down with Matt Pascucci, one of our most popular and prolific guest bloggers. When he’s not blogging for AlgoSec, Matt works as an information security engineer...


Top PCI Audit Pitfalls and How to Avoid Them: The QSA’s Perspective

Ever wish you could get inside your QSA’s head before your next PCI audit? Join QSA Adam Gaydosh of Anitian, and Nimmy Reichenberg, VP of Strategy at AlgoSec to get the inside scoop on what QSAs are...


Ever Wish You Could Get Inside your QSA’s Head Before Your Next PCI Audit?

A few weeks ago, Adam Gaydosh, a certified QSA with Anitian, and Nimmy Reichenberg, our VP of Strategy here at AlgoSec, presented an educational webinar on the top PCI audit pitfalls, and how to avoid...


Survival Tips For The Security Skills Shortage

Your organization’s greatest security resources are people. They see the trouble spots and can intelligently investigate incidents and raise red flags (often at a higher level than the green-yellow-red...


Who’s Connecting to Your Network?

In today’s global marketplace your organization needs network connectivity with external entities – suppliers, credit card processing companies, business partners, data feeds etc. But are you really...


Tips for Managing Your External Network Connections

Last week our CTO, Professor Avishai Wool, presented a technical webinar on the do’s and don’ts for managing external connectivity to and from your network. We kicked off our webinar by polling the...


Still Using SSL? You’re No Longer Compliant with PCI

It’s well-known that the SSL (Secure Sockets Layer) protocol, the security technology that establishes an encrypted link between a web server and a browser, is the source of many recent...


National Cyber Security Awareness Month: Our Best Practices & Tips to Keep...

The Department of Homeland Security has designated October as the National Cyber Security Awareness month. In its honor, here are our top 10 most popular blog posts from the past year (based on...


5 Top Firewall-Related Compliance Gaffes

Compliance – it’s that dirty word that any free-thinking IT professional hates to hear. But like it or not, compliance is a reality of doing business today. One of the biggest problems that I see...


Stay on Top of Your Security Game: Why Network Vulnerabilities Matter

Over the past couple of months both Cisco and Juniper have had major vulnerabilities in their operating systems that allowed for remote execution of code, access to networking and the ability to...


Don’t Sidestep Security When Decommissioning Your Applications

We’ve all done it before, removed a system from our network without thinking twice about what changes need to be made to the firewall. As long as the replacement is up and working without any issues...


Reaching PCI Nirvana: How to Ensure a Successful Audit and Maintain...

PCI-DSS audits are typically a point-in-time “fire drill”, yet the PCI-DSS standards body expects a continuous state of compliance. Unfortunately poor change management processes are often the Achilles...


Announcing Our New Website: Take a Tour and Enjoy the New Experience!

We’re proud to announce the launch of our new website! Our aim is to provide you with new and insightful content to help you make your enterprises more agile, more secure and more compliant. The...


Security is from Mars, Application Delivery is from Venus

Men Are from Mars, Women Are from Venus by John Gray was one of the best-selling nonfiction books of the 1990s. It asserts that men and women essentially come from different ‘planets’, and need to seek...


PCI DSS 3.2: Why removing SSL or updating the TLS just isn’t enough

In the past two years there has been a spate of cyberattacks targeting older versions of security technology that establishes encrypted links between web servers and browsers – HTTPS – specifically on...


Blurred lines: who’s responsible for security in NSX?

Last week I blogged about understanding the security implications when migrating Greenfield and Brownfield applications to VMware NSX. Today, we’re examining the next steps after you’ve successfully...


New Professor Wool whiteboard video course on Network Security for VMware NSX

In advance of VMworld next week Professor Wool has created a new whiteboard-style course on Network Security for VMware NSX. Each lesson focuses on a specific challenge of and provides technical tips...


Cybersecurity brain drain: the silent killer

Many organizations are facing a cyber threat which is quietly and stealthily eroding their defenses. What’s worse, this threat cannot be detected by any enterprise security products, yet it presents...


Is time running out for the devices on your network?

Nearly three quarters of businesses have end-of-support devices on their networks, according to new research. These statistics don’t surprise us. It’s a common phenomenon among our customers. But...


How to align security with your business processes – a technical perspective

In this era of digital transformation, globalization, and relentless cyber-attacks, security can no longer remain a technology issue that simply focuses on defending networks and data. It must become a...


Learn how to accelerate data center application deployments with Cisco ACI...

Managing policies across physical and virtual networks and multivendor security devices requires a delicate balance between ensuring security, reducing risk and provisioning connectivity for critical...


A day in the life of a CISO

So what does an average working day look like for the CISO of a mid-size or large enterprise? I recently spoke at length with the former CISO of an organization with 15,000 staff, and around $1bn...


Don’t WannaCry anymore? Tips to prevent, contain and clean up the tears

Without doubt one of the biggest news stories of the past week is the WannaCry ransomware attack that has infected hundreds of thousands of Windows-based computers in 150 countries. The unprecedented...


New webinar: Security policy management for financial institutions

Financial institutions are constantly seeking to better serve their customers and maintain a competitive edge through new technology innovations and digital transformation initiatives, yet they often...


New webinar: Security Change Management – Agility vs. Control

Today’s fast paced business application deployments and changes require IT, networking and security to be more agile than ever before. Yet this agility often comes at the expense of security, control...


New webinar: Security a Revenue Center – How Security Can Drive Your Business

Traditionally Security was viewed as a necessary cost center or an insurance policy you hoped you’d never have to cash in. Yet by automating security policy management you can actually save your...


4 Network-Policy Configuration Errors that Must Not Happen

We recently blogged about some of the steps security teams can take to tidy up their firewall rules: removing duplicates, tightening overly permissive rules and removing redundant rules. Why not let a...
