Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victims network by compromising as many systems as it can, by looking for the data, it has come to steal or to destroy.

Learn more about your ad choices. Visit megaphone.fm/adchoices

A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross- reference, all the known software vulnerabilities in the world. 

Learn more about your ad choices. Visit megaphone.fm/adchoices

A forensic technique where practitioners capture an entire image of a system and analyze the contents offline.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode of Word Notes.

A supply chain cybersecurity accreditation standard designed for the protection of controlled unclassified information that the U.S. Department of Defense, or DoD, will require for all contract bids by October, 2025. 

Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode of Word Notes.

A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode of Word Notes.

Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers. 

Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode of Word Notes.

An isolated and controlled set of resources that mimics real world environments and used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Please enjoy this encore episode of Word Notes.

A stack of security software solutions and tools that allow organizations to orchestrate disparate internal and external tools which feed pre-built automation playbooks that respond to events or alert analysts if an event meets a certain threshold.

Learn more about your ad choices. Visit megaphone.fm/adchoices

A term of legal art that defines the types of data and circumstances that permits a third party to directly or indirectly identify an individual with collected data. 

Learn more about your ad choices. Visit megaphone.fm/adchoices

Enjoy this encore episode.

A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, an SD-WAN abstraction layer, and network peering with one or more of the big content providers and their associated fiber networks.

Learn more about your ad choices. Visit megaphone.fm/adchoices