Protecting BGP Sessions – Step-by-Step Guide to Prevent an Easy DDoS

Organizations are not protecting their BGP session. Take the time to ask the question …. Do we have our BGP ports protected? Are you: If not, work with your peers to deploy an Infrastructure ACL (iACL) to cover all your network devices, deploy specific data plane ACLs on your routers/switches to protect them, work with

Secure Coding? Don’t get Stuck!

We now have static application security testing (SAST) deployed. All should be good. No, all is NOT Good! The most challenging parts of any SAST tool deployment are the initial shock of potential vulnerabilities, coding errors, and risk. When I come into an organization for an audit, it is common to find their SAST tool Read More

CISOs, get your First Sergeant

Behind Every Effective CISO, a First Sergeant is Clearing the Path for the organization’s success. The way we’re setting up our CISO structure is NOT working as expected. The threats keep on coming. Organizations put their fingers in the dike, plugging security risks while exhaustingly bailing water from a sinking boat. This is a no-win Read More

Protect your BGP Sessions from DDoS Attacks

Networks that think they are “DDoS resilient” get surprised when their BGP Sessions go down from an easily crafted DDoS. BGP port (179) is left open to the Internet and is an easy target for a low-level attack that will knock down your BGP session. Shodan’s BGP Report 325,082 open port 179 instances (June 2023). Read More

Why Are Cybercriminals Targeting Healthcare?

Why are cybercriminals targeting healthcare when the medical community puts patients first? Why are cybercriminals taking actions that threaten people’s lives at risk? The focused cybercriminal targeting of healthcare is now an increasing cause of death. Is this data suppressed? Why? The liability insurance covering all the healthcare community’s medical care would skyrocket. The closure