Blog
How to Recover After Failing a Cybersecurity Audit
Tue, 12/12/2023
While it’s important to adhere to compliance regulations, blunders do happen. What does it mean when these blunders lead to you failing a cybersecurity audit, and how can you recover? Consequences of Failing a Cybersecurity Audit Failing a cybersecurity audit can mean several things. First, there’s the up-front legal fines that come with falling on the wrong side of compliance. Here are a few...
Blog
Accelerating Security Maturity with Fortra Bundles
Tue, 08/29/2023
In The Importance of Layering Offensive Security Solutions , Fortra experts underscore the advantage of developing a single source offensive security tooling portfolio. Read on to find out the necessary ingredients for a proactive strategy and why Fortra’s ability to combine and maximize solutions optimizes security and produces the most effective outcomes. The Five Elements of an Offensive...
Guide
Fortra's Complete Guide to Layered Offensive Security
Most organizations have a decent understanding of the types of defensive security tactics they need to employ to thwart cyberattacks. But offensive security techniques are just as important for detecting existing vulnerabilities that a threat actor has yet to discover and exploit. Learn how to approach offensive security from the ground up, including the value of using a layered security approach...
Guide
2023 Pen Testing Report
Over the years, penetration testing has become an integral component in proactive approaches to security, evaluating and prioritizing risk before breaches occur. Through the exploitation of identified security vulnerabilities, penetration testing can effectively measure the feasibility of systems or end-user compromise and evaluate any related consequences such incidents may have on the involved...
Blog
Solutions for Vulnerability Management
Fri, 04/22/2022
This guest blog from Dr. Edward Amoroso, Tag Cyber provides a high-level overview of modern advances in vulnerability management and how the Fortra cybersecurity portfolio supports this important method for addressing exploitable weaknesses in an enterprise.
Blog
The Evolution and Advancement of Penetration Testing Under Covid-19
Fri, 05/21/2021
Brian Wenngatz, general manager at Core Security, a Fortra company, discusses the advancement of penetration testing during Covid-19.
Guide
Integrating IBM i Security Events into Your SIEM
This guide discusses the technical issues relevant to logging IBM i security data and offers a solution for real-time awareness of security events and integration with SIEM solutions.
Blog
How to Apply IDS/IPS to IBM i
By Robin Tatam on Fri, 05/12/2017
IPS/IDS are common cybersecurity terms, but how does that pertain to the IBM i environment?
Guide
Download "Secure Inside and Out: Maximizing Intrusion Detection and Prevention on IBM i"
Data leaks and operational disruptions can come from any source—internal or external. To protect sensitive data from modern cyberthreats, all organizations need a robust intrusion detection and prevention system (IDS/IPS). The IBM i operating system includes advanced capabilities for detecting and preventing external threats, but there are still gaps that must be filled. Download this guide for...
Blog
The DDoS Deception You Need to Know About
By Robin Tatam on Wed, 03/08/2017
A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Blog
What is the Value of SIEM?
By Robin Tatam on Wed, 03/08/2017
As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…
Guide
Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide
The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information. This includes merchants and third-party service providers that store, process, or transmit credit card data. The launch of PCI DSS helped expose serious security shortcomings, failures to follow security best practices, and a general lack of awareness of the...