Author: NVISO Blog

Backups & DRP in the ransomware era

In today's digital landscape, the threat of ransomware has forced organizations to reevaluate their disaster recovery plans. Traditional approaches to data protection were focused primarily on high availability and are no longer sufficient. As cyber threats evolve, so must our strategies for safeguarding critical information. This blog post explores the principles and architectures needed to … Continue reading Backups & DRP in the ransomware era

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

How AI forces us to expand our thinking about basic cybersecurity concepts: Confidentiality

Introduction In the first part of this mini-series, we explored briefly what kind of impacts AI may have on the CIA Triad and whether we should adjust this fundamental framework. The goal of this and subsequent blogposts is assessing the pillars of the proposed Information Security Hexagon, starting with Confidentiality. Maintaining confidentiality in Artificial Intelligence … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

How AI forces us to expand our thinking about basic cybersecurity concepts

The traditional CIA Triad (Confidentiality, Integrity, and Availability) has long been a cornerstone of information security, providing a solid framework to protect data and systems. However, the rising presence of AI in our lives introduces new challenges that extend beyond the current scope of the CIA Triad. In this AI mini-series, we will analyse the … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced Edition

Top things you might not be doing (yet) in Entra ID Conditional Access - Advanced Edition

Introduction In the first post of the top things that you might not be doing (yet) in Entra Conditional Access, we focused on basic but essential security controls that I recommend you checking out if you do not have them implemented already. In this second part, we'll go over more advanced security controls within Conditional … Continue reading Top things that you might not be doing (yet) in Entra Conditional Access – Advanced Edition

Top things that you might not be doing (yet) in Entra Conditional Access

Top things you might not be doing (yet) in Entra Conditional Access

Introduction In this blog post, I focus on the top things that you might not be doing (yet) in Entra Conditional Access. It is not an exhaustive list, but it is based on my experience assessing many different Entra ID, formerly Azure AD, environments as a consultant at NVISO Security. The following points are, in … Continue reading Top things that you might not be doing (yet) in Entra Conditional Access

Scaling your threat hunting operations with CrowdStrike and PSFalcon

Introduction Most modern day EDRs have some sort of feature which allows blue teamers to remotely connect to hosts with an EDR agent/sensor installed, to aid in their investigation of incidents. In CrowdStrike, this is called Real Time Response, and it provides a wide range of capabilities, from executing built-in commands like ipconfig and netstat … Continue reading Scaling your threat hunting operations with CrowdStrike and PSFalcon