Nettitude Blog

Effective cybersecurity relies on your team being alerted to potential issues within your systems and networks. However, the sheer number of alerts generated by improperly configured cybersecurity technology and frameworks causes analysts to develop alert fatigue, as countless false positives and minor issues lead to significant disruption and distraction.

With so many potential threats and a limited number of resources, it can be difficult to prioritise which alerts to investigate. As a result, your team may become overwhelmed and start to ignore or dismiss potentially serious threats. In addition, constantly responding to false positives can take valuable time away from other tasks, such as investigating potential incidents. So, what can we do to resolve the challenging problem of alert fatigue?

By Mike Buckley | Pre-Sales Consultant at Nettitude 

Firewalls have been around for many years in various shapes and sizes, from simple Access Control Lists, to full “Next-Gen” threat prevention and sandboxing. They have evolved to (mostly) embrace Cloud strategies and remain an important security tool, protecting important assets and securing workspaces. However, they are usually perceived as a necessary evil.

It can be common to encounter applications not working as they should be after a firewall has been implemented. By their very nature, Firewalls should be preventing a lot more traffic than they permit, and it can be a challenge to configure them correctly to allow this access whilst at the same time not reverting to an overly permissive policy. As a result, organisations can rush through the process, sending applications live with rules in place that are designed as a quick fix, rather than a long-standing solution.

In order to correctly onboard clients to NOC services, Nettitude’s Network Operations experts must examine the integrity of a firewall and its setup to ensure the basics are in place. In this blog post, we’ll take a look at the basics of configuring a firewall policy.

By Fan Zhang | Cybersecurity Business Manager, APAC

When we talk about “ICS (Industrial Control Systems) Cyber Attacks” to organisations, we often mention that the systems are absolutely disconnected (air-gapped) from the IT network and from the Internet, so they can never be compromised. But is this always true?

From the growing number of ICS attack cases, we know that it is not the case and in this blog post, Nettitude aims to define what an ICS cyber-attack is and how organisations can protect themselves against them.

By Vanessa Santos | Security Consultant at Nettitude

Json Web Tokens (JWTs) are commonly used in many applications to validate the client’s identity. The JWT token is provided during authentication in case of success and this is then used in all authenticated interactions to the application.

The validation of user’s identity is based on the user’s information stored in the JWT token which is signed by the server using JSON Web Signatures. The information exchanged within the JWT can also be encrypted using JSON Web Encryption however this is not widely used.

Although the JWT token can be used in web applications there is a number of caveats that come with the choice of implementing JWT authentication tokens that can result in them being hijacked.

In this article we will be discussing these security implementation issues and will uncover ways of preventing an attacker from hijacking JWT tokens.

By Mike Buckley | Presales Consultant at Nettitude

49% of US organisations have suffered a data breach in the past year. With almost half of the nation’s businesses losing critical data, something is surely wrong.

Data is considered as one of the most important assets a business can have; it’s essentially the life blood of any organisation. Yet two of the biggest concern’s businesses have is the privacy and security of their data - and rightly so as once it’s compromised, it can cripple an organisation rapidly. Research from the University of Maryland indicates that hackers are active across the globe every 39 seconds. This means that a single computer unit could be under attack multiple times, every minute of the day. But how would you know If there’s a security breach?

File Integrity Monitoring (FIM) software is one of the solutions to this challenge, yet many businesses are unaware that this tool is available to them. However, in the words of Nicolaus Copernicus – To know that we know what we know, and to know that we do not know what we do not know, that is true knowledge.

Been as you’ve landed on this blog post; you’ve taken first step is identifying that your organisation could benefit from FIM. The second step is to find out what FIM is and how it works exactly.

This is where we can help!

By Sam Bohnel | Security Consultant at Nettitude 

May 2017, the ransomware attack named WannaCry targeted computers running outdated and unpatched Microsoft Windows operating systems. The cyber-attack encrypted user’s files and unsuspecting victims were held at ransom to return their data. It was estimated the attack affected roughly 300,000+ plus computers worldwide.

One of the major victims of WannaCry was the National Health Service hospitals in England and Scotland, with up to 70,000 devices said to be infected by the ransomware cryptoworm. Critical medical devices including MRI scanners, blood storage refrigerators and theatre equipment were affected, resulting in severe disruption to the NHS and an estimated £92 million-pound expense.

WannnCry is just one case study of numerous health organisations becoming victims of cyberattacks. But, just why is the health sector such an enticing target for hackers?

By Jenny Wu | Senior Incident Response Consultant at Nettitude

The move to the Cloud and remote working models has changed the way networks are connected. Today, we are shifting focus from security to protecting assets rather than the traditional perimeter. Traditional anti-virus is no longer able to keep up with newer attacks and vulnerabilities, allowing compromises to occur more frequently; especially for the healthcare industry which is frequently targeted. They therefore need additional protection in the form of Endpoint Detection and Response (EDR) Tooling.

By Nettitude

Cybersecurity. While the rest of the world has almost shut down this past year, cybersecurity is one of those industries where the cogs keep on turning. In fact, the vulnerabilities of most other industries have created a sharp rise in cyber-attacks during this time. From ransomware attacks on the healthcare sector, to increased risk for financial services as organisations shift their focus to survival mode.

Our Head of Threat Intelligence and Advisory Consulting, Anthony Long, recently presented at the EVOLVE 2021 Webinar on "Cyber Security In A World Under Pressure." In the webinar, we took a look at the impacts of the pandemic and how this has triggered an increase in cybercrime. 

By Nettitude

Today, we’re excited to announce the launch of our Nettitude Bug Bounty programme .

Over the past few months, we’ve been running a Bug Bounty trial with a number of our clients, which we’re pleased to say has been successful. Now, we’re ready to open our Bug Bounty service up to the world.

By Nettitude

Today, just 19% of the technology sector is represented by females. While it’s true that the industry still has a long way to go in achieving true gender equality, we are slowly and surely beginning to see change.

Nettitude can attest to this. As an organisation within the technology sector, Nettitude are proud to be one of few organisations within our industry to be led by a female CEO. Under the direction of Karen Bolton our values and vision for the future are bright when it comes to women making an impact, in which each Nettitude colleague is viewed as an important and impactful individual, despite their gender.