Elemental Cyber Security Blog

Elemental Cyber Security Blog Articles:


ESP regkey

by: Elena Garrett

Compliance in the Age of Limited Resources

The case for Security Compliance Automation

The number and complexity of the compliance standards that organizations are expected to meet continue to grow. At the same time, these organizations are finding themselves faced with an acute shortage of trained cyber security and compliance professionals. As more and more processes interact with the sensitive data and fall into the scope of compliance, the shortage of security...

Continue reading here >>>

ESP regkey

by: Elena Garrett

Elemental RSC 80/20 - solving the risk, security, and compliance dilemma

The Elemental RSC (Risk, Security, Compliance) approach aligns cyber Risk (R), Security (S), and Compliance (C) controls into a single workflow. It can be used to improve cyber security, reduce risks, and achieve compliance using a set of strategic, resource-conscious project cycles. Each cycle focuses on identifying and remediating 20% of issues that account for 80% of cyber risk within the organ...

Continue reading here >>>

ESP regkey

by: Elena Garrett

Elemental Dynamic Grouping

Dynamic Grouping is the automated process by which the Elemental Security Platform (ESP) manages the membership of host groups, and it is one of the key functionalities of ESP. ESP collects a variety of information about managed hosts, and transforms this information into potential "group parameters." These parameters can be mixed and matched to create very broad or very granular host group definitions. Here are some examples of custom ESP group...

Continue reading here >>>

ESP regkey

by: Elena Garrett

Elemental Micro-Segmentation vs. Traditional Network Segmentation

What is network micro-segmentation? How is it different from what most companies do now? How does micro-segmentation affect network security? Let's explore!

Micro-segmentation in cyber security

Most companies today use network-dependent segmentation. A traditional approach to network security was built around a strong network perimeter defense and utilized concepts like subnets, ports, protocols, a...

Continue reading here >>>

ESP regkey

by: Elena Garrett

Augmenting your patch management strategy

According to Microsoft Security Report 2017, hackers and malicious intruders know that nearly all organizations are vulnerable, and often first reach for the lowest-hanging fruit: exploitable weaknesses in legitimate applications. Nearly 21 thousand vulnerabilities for wired and wireless devices were identified in 2017 alone, and a large number of them will trigger a patch of some soft to be issued. With so many vulnerabilities ...

Continue reading here >>>

ESP regkey

by: Elena Garrett

TLS security assurance and audit preparation with ESP

From SSL to TLS

The migration from SSL /Early TLS to TLS 1.2 and 1.3 is currently underway. The PCI Security Standards Council made the requirement for the migration official in PCI DSS v3.2.1. Microsoft announced the end of support for TLS1.0 and 1.1 in Office 365 as of October 31, 2018. Services like DigiCert, ZenDesk, and Salesforce have pulled support for those protocols during 2018, as well. Chrome, Edge, IE, F...

Continue reading here >>>