About Soteria

So far Soteria has created 33 blog entries.

AWS Multi-Account Management

The Challenge of Multi-Account Management in Amazon Web Services (AWS). By Anthony Baio. AWS provides organizations with a powerful capability to build and scale with minimal overhead. An often-overlooked consideration when standing up these environments is developing a scalable way to securely manage identities and user access. Addressing this challenge early on will [...]

2021-03-17T14:28:54+00:00

SolarWinds Supply Chain Compromise – Recommendations

On December 13, 2020, FireEye released their research into the compromise of the SolarWinds Orion supply chain, resulting in the compromise of a significant number of organizations around the world. Recommendations for incident response have been published by multiple entities with intimate knowledge of the situation, including FireEye, Microsoft, and the United States Department [...]

2021-03-16T00:13:17+00:00

Mitigating the Risk of RDP

Remote Desktop Protocol, known as RDP, is a service built into Microsoft Windows operating systems that allows a user to connect to a remote computer over the network. This capability makes remote access and management of computer resources easier, which leads to efficiencies for IT staff. Unfortunately, RDP is also commonly leveraged by criminals [...]

2021-03-16T00:13:40+00:00

New Year Information Security Resolutions

To actually achieve this year! New Year's resolutions always start with gusto. As time passes and obstacles arise, resolutions tend to fade before they are achieved. Soteria is here to guide you towards a sustainable resolution and successful start to the new year and decade that will help your organization grow its security capabilities [...]

2020-01-09T18:36:29+00:00

Pay Up

It’s happened: computer screens are filled with demands, data is encrypted and inaccessible, systems are disrupted, your backups were not protected (see our “Backup Plan” blog post), and you’re experiencing the panic of ransomware. What do you do? Try to negotiate with unknown attackers or start from scratch and rebuild your IT environment? Either [...]

2021-03-16T00:15:29+00:00

The Backup Plan

"Do we have backups?" It is one of the first questions during any ransomware incident. It seems like an easy question. “Of course we have backups, we’ve even tested them and fall back on them on a regular basis” is the common answer Soteria receives. Unfortunately, the reality of the situation is often that [...]

2019-10-02T15:54:55+00:00

Lexico vs Ransomware

Soteria has recently received urgent incident response requests from clients who had been hit with Ryuk, Banta, and Phobos ransomware. One of these clients had several systems already in the process of being encrypted when security professionals discovered the outbreak. After initial meetings and contracts were signed, through our Lexico [...]

2019-09-20T18:33:39+00:00

Detectors as Code

The Challenge of Detector Management. Security operations and monitoring teams face a variety of challenges: the rapid evolution of adversarial tradecraft, poor detector documentation, lack of detector version control, poor detection methodology, lack of testing procedures, and change control processes that are slow and time-consuming. These issues plague security teams of all [...]

2019-09-20T18:33:58+00:00

NYDFS Cybersecurity Ruling Challenges Businesses to Rethink Security

The large volume of financial, banking, and insurance firms doing business in New York makes the state’s financial services and insurance industry a rich environment for hackers. For this reason, it comes as no surprise to learn the New York Department of Financial Services (NYDFS) passed far-reaching and detailed regulations designed to protect New [...]

2017-06-26T15:46:21+00:00