advanced-menu-icon

Cybersecurity in ATM : Endpoint Detection and Response (EDR) logs

Endpoint detection and response (EDR) provides continuous monitoring and analysis of endpoints, aiding incident response teams in efficiently managing threats and reducing overall response times in cybersecurity operations.

Read the blog

Cybersecurity in ATM : Using the Security Stack for Investigations – Password Reset Logs

This article explores cyber investigations through leveraging the Security Stack. It sheds light on the role of password reset logs in swift breach detection and mitigation.

Read the blog

Cybersecurity in ATM: Leveraging Anti-Virus Logs for Incident Response

As part of our series on how incident response teams leverage different parts of the security stack for investigations, we now are going to look at how anti-virus logs are used and can be used.

Read the blog

Cybersecurity in ATM : Incident Response using the Security Stack – Office 365 Logs

As part of our ongoing series regarding how each part of an organization’s security stack helps the incident response and forensic teams perform their analysis, we are going to now discuss Office 365 logs and the details it captures as teams interact with services held there. 

Read the blog

Cybersecurity in ATM : Taking Apart the Security Stack in Incident Response (Part 2) - Investigations Using Proxy Logs

This article explores incident response investigations using proxy logs to uncover security gaps in email filtering.

Read the blog

Cybersecurity in ATM : Taking Apart the Security Stack in Incident Response (Part 1) - Email investigations

Malicious actors regardless of motivation, whether financial or hacktivism, tend to look for the path of least resistance. In many data breaches, when forensic teams investigate the root cause, they end up tracing it back to email as the initial vector of the breach, where it all began. The reason this turns out to be the most lucrative for all attackers is the fundamentals of human psychology.

Read the blog

Air Traffic Management And The Critical Role of Public Key Infrastructure (PKI)

Aviation is dependent on several components, including guidance and navigation tools, onboard systems, software updates, network components, access points, and log file analytics. Functioning both on the ground and in the air, aviation is classed as a critical infrastructure.

Read the blog

The Importance of Cyber Threat Intelligence Sharing Across the Aviation Sector

The aviation sector plays a critical role in allowing people to travel domestically and globally. Millions of people rely on the safety, security and resilience of airlines, airports and the systems that support them.

Read the blog

Cybersecurity in ATM - The Importance of CSIRT Visibility within an Organization

When there is a limited visibility to a CSIRT team within a company, there is a restricted understanding of risk. This then has a major impact on trust, confidence, collaboration, and ultimately, budget and resource security.

Read the blog