Ransomware is the most prevalent cyber threat facing most organizations today. With purple team testing, organizations can verify their detection and response capabilities against this growing threat.

We built a tool for our purple teaming assignments that models ransomware attacks and can help companies improve their defenses. In this blog post we describe the tool, compare detection capabilities of popular endpoint detection and response (EDR) tools and explain what readers should take away from our findings.

Ransomware is big business for cyber criminals

In business environments, ransomware detections increased 365% and ransomware was related to one-third (28%) of security incidents in 2019. The problem is not…

Secure software development life cycle models propose static code analysis testing as a best practice for development. The purpose of static code analysis testing (SAST) tools is to detect bad code, bugs and potential security issues.

There are free and commercial SAST solutions available. Does it make a difference which one you use? We put some of them to the test to find out how they fare in uncovering security vulnerabilities.

How to benefit from SAST tools

Programming mistakes generate bugs, and bugs can be exploited as security vulnerabilities. SAST tools are used to discover bad code as soon as possible, before it becomes part of…

In our previous article, Cloud WAF Comparison Using Real-World Attacks, we compared the security performance of four cloud Web Application Firewalls. We received a lot of feedback on the article as well as suggestions for expanding the testing with more services. In this follow-up article we will have a look at how three additional cloud WAFs perform. The test method is the same as before, so the results should be comparable to the other cloud WAF providers tested in the previous article.

Are the three cloud WAFs from Alibaba, Google, and Cloudflare able to wipe the floor with the rest?

Test setup


Within the past days and weeks, many companies globally have taken steps to guide their workforce to stay home and work remotely in order to limit the threat of the Coronavirus disease (COVID-19) outbreak. In this article we take a look at the cyber security threats relevant to remote work and how to address these potential problems in your business environment.


Remote work comes with its own peculiarities, and it takes some time for unfamiliar teams to find ways of collaborating that work efficiently within the team. By physically distancing (i.e. social distancing) employees from each other…

Part 2 of this article is now available here.

Many teams consider use of Web Application Firewalls (WAFs) as a best practice or a compliance requirement when implementing web applications. All firewalls are used to control and monitor traffic. A WAF is a specific firewall that is designed to identify and prevent attacks from web application traffic. The expectation is that the firewall will prevent command injection attacks, cross-site scripting attacks, protocol violations, and other common attacks against web applications.

Are the cloud WAFs any good at blocking common web application attacks? …

Agile methods and DevOps have increased the speed of software development. This has challenged traditional approaches to software security work. Today we need to make sure that we also increase the pace of security with the means of DevSecOps. In this article, I’ll present a framework and how to get started with key DevSecOps domains and activities.

Back in the day, developers, testers, networks, platforms, and operations were separate IT teams. Between the teams there were formal procedures often described as gates. Once, those gates were considered a security best practice. Their function was to make sure that the security…

In my previous blog, I discussed similarities of the Vietnam aerial warfare with today’s business challenges in the digital world. In this post, I’ll share my view on how to construct a practical training program — your own version of Top Gun — for improving your organization’s cyber breach management.

Photo by Jonathan Simcoe

Let’s discuss some terms first. Not all cyber security events are alike. An incident, a breach, and a cyber crisis are all different situations. They also come with varying levels of severity to the business. An incident is an event that puts the data and systems in danger. An incident…

One of the most common misconceptions about cyber security among business leaders is that it is fundamentally a technical issue that should be solved with means of technical resilience. In this blog, I’ll visit some dusty memories from the 1980s and compare the Vietnam War to today’s business challenges in the digital world. In the second part of this blog, I’ll share my view on how to construct a practical “Top Gun” training program for improving your organization’s cyber breach management.

A formation of fighters of the Navy Fighter Weapons School (Photo: Wikimedia Commons)

I was thrilled to see the new “Top Gun — Maverick” trailer last July. Growing up in the 1980s, I…


Positive stories about cyber security
