Blog Posts

Research, Updates, Trends, Analysis
Join Mitiga at RSA Conference 2022 in San Francisco

Are you headed to the RSA Conference in San Francisco? I'm excited to be attending for the first time in quite a few years. It’s the first time many of us — attendees, exhibitors, speakers, and staff alike — are participating in a large-scale conference in person in two years. We’re hoping to make it fun and engaging for everyone we see at the conference. To do that, we have some plans...

Lessons Learned from WannaCry: Are We Ready for Another Global Attack?

Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows Systems.

SaaS Breaches: How to Think about Security in Cloud Apps and Services

The Okta breach is yet another indication of what we have been seeing for the past few years in the cybersecurity industry, particularly in the incident response practice, demonstrating the increased sophistication and capabilities of various attack groups.

Cyber Resilience - Why & How to Start Building It In Your Organization

Cyber resilience is the ability of an organization or entity to continue to deliver services or solutions even in the face of adverse cyber events, such as cyberattacks. Cyber resilience combines elements of information security, business continuity, and organizational resilience.

The real value of tabletop exercises (and how to pick the right one)

A cybersecurity incident response tabletop exercise (TTX) is an activity conducted as a discussion exercise. There can be multiple goals of a TTX, but a common goal is to review processes and procedures to identify gaps and dependencies in organizational response to an incident.

An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane

The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound connections from the machine.

7 Best Practices for Cloud Incident Response

Regardless of the specific details of a breach, organizations must be prepared to respond when one occurs. The more organizations move applications and services to the cloud, the more it is important to plan for cloud incident response. These seven best practices will help you get started.

Are You Ready for These 5 Common Security Risks of Cloud Computing?

The cloud environment is the future for every industry. From finance to entertainment to healthcare, cloud computing helps businesses compete with increased flexibility, availability of information, and access. But just like on-premises, data center-based computing, moving to cloud environments and SaaS applications brings their own cybersecurity risks.

Planning for Attacks: How to Hunt for Threats in BigQuery - Part 1

Because BigQuery stores so much sensitive data, it’s an extremely appealing target for threat actors, and our research showed ways to exfiltrate data. This information helps us better research critical incidents in environments that leverage BQ, so we can accelerate the IR process and help customers get back to business as usual.

Want to stay up to date on the latest Mitiga news and research? Subscribe to our blog!