Who’s Afraid of ETW? GuardiCore Guide to Building a Robust Windows Agent

As true believers in collaboration in the cyber industry, we continue to open a window to our interesting projects. We hope it will benefit the community and encourage others to do the same.  Several months ago we published the source code for our Infection Monkey project and today we are revealing how we built our Windows Agent to support GuardiCore Reveal, the data center and cloud visibility and segmentation policy component of our flagship product, GuardiCore Centra.
Read more

Four Good Reasons to Visit GuardiCore at RSA Conference 2017

GuardiCore is changing the way organizations secure their internal data centers and clouds, with cutting edge technology that helps our customers rapidly detect and respond to active breaches. We would love the opportunity to show you how. Yes, we know everyone at RSA is busy. An overwhelming number of vendors. Too many meetings. Late night after-hour parties. But while you are there, we encourage you to take 15 minutes to visit us in booth #N4321. Here are four good reasons why.

Read more

As Yahoo Breach Sinks In, Here’s How to Secure Your Data Centre in 2017

It’s certainly not what Yahoo or its customers would have wanted. But news of the biggest data breach ever recorded serves as a timely reminder of the threats facing the modern data centre as we head into the new year. The internet pioneer may be an extreme example, having now allowed cyber thieves to steal data from 1.5 billion accounts. But organisations of all sizes should see it as a cautionary tale. They need to wake up to the threats facing their data centres or risk following in Yahoo’s footsteps.

Read more

GuardiCore ❤ IPv6

Earlier this month, Amazon announced a long awaited feature – IPv6 support for EC2 instances! Amazon is the first of the three big public cloud providers (together with Microsoft and Google) to offer direct, all-the-way-to-the-instance IPv6 connectivity.

IPv6 makes life easier for AWS deployments. Unlike IPv4 addresses, which are split to private and public ones with a NAT in between, each EC2 instance has only a single, internet routable IPv6 address. No NATs, no complex networking setups – One Address To Rule Them All. This greatly simplifies network deployments, while maintaining the ability to build more complex structures. Amazon also provides a simple way to turn IPv6 addresses to “private only” with an egress-only Internet gateway.

Needless to say, GuardiCore Reveal supports IPv6 out of the box.

Read more

Advanced Data Centre Security the Key for Under Fire Transport Sector

Cyber attacks against the transport sector are nothing new. Those of you with long memories will recall how the SoBig virus caused major disruption to the US rail network all the way back in 2003. But the sheer breadth and persistence of threats facing the industry today is largely unprecedented. Just recently San Francisco’s “Muni” transport agency was on the receiving end of a ransomware infection which  caused Muni to take its payment systems offline for two days, allowing Muni riders to travel for free, costing the transportation system a few days of lost revenue.

It’s yet another reminder that when it comes to transportation, attacks on the data centre must be detected and remediated as quickly as possible to minimise their impact.

Read more

Black Friday Sales Rush Puts Spotlight on Data Centre Security

E-retailers are coming up to the biggest shopping period in the year as the annual Black Friday and Cyber Monday sales events at the end of November slide into the December holiday season. In the UK, shoppers spent more than £3 billion over the weekend last year with many of those sales coming online. It’s clearly a fantastic revenue making opportunity for e-commerce providers. But it also represents a great window of opportunity that hackers could exploit to steal valuable customer personal and financial data. Cybercriminals love Black Friday as it allows them to go unnoticed in the increased volumes of transactions and internet traffic.

Read more

Developing Advanced Data Centre Security for Under Fire Healthcare Organisations

British healthcare organisations, like their counterparts in the US and Europe, are currently facing a deluge of ransomware that threatens to overwhelm systems. Widely reported figures gleaned from an FoI request reveal nearly half (47%) of NHS Trusts in England have been infected over the past year. This is just the tip of the iceberg. Ransomware is one of many online threats facing healthcare IT bosses coming to terms with the fact patient data is increasingly highly sought after on the dark web.

The mission criticality of IT systems, rigorous compliance requirements and often stretched resources make securing these environments even more challenging. That’s why IT buyers need to consider a new approach designed to focus on east-west traffic inside the data centre.

Read more