Tag: Threat

Alert Logic Security and Compliance Suite

Posted on April 2, 2021 by Liquid Web | Updated: August 28, 2023

Category: Tutorials | Tags: Alert, Alert Logic, Audit, Backups, Code Analysis, Common Questions, Compliance, Compromise, Compromised Website, Content Security Policy, Data Leak, Diagnostics, Encryption, Fail2Ban, File Permissions, Firewall, Hacking, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, Least Privilege, Linux, Logic, LUKS, Lynis, Malware, Passphrase, Password, Password Policy, PCI, PCI Compliant, Pen testing, Permissions, Remote Code Execution, Root, Scripts, Security, Security Policy, Security Practices, Server, SFTP, SQL Injection, SSH, SSH Keys, SSL, Threat, Threat Stack, Tool, Ubuntu, VPN, Vulnerability

Reading Time: 5 minutes

Introduction

Intrusion detection systems (IDSs) are an ever-present requirement in a cybersecurity infrastructure to ensure a server or internal network is protected. An intrusion detection system is either a hardware device or software program that actively monitors a server or group of servers for network policy violations or malicious activity. Any suspicious activity, attempted attack, or policy violation is reported and logged to a centrally located security information and event management (SIEM) system database, or directly to a security administrator for further review. This article explores Liquid Web’s intrusion detection product called Alert Logic Security and Compliance Suite.

Continue reading →

Guide to Installing and Configuring Vault

Posted on March 26, 2021 by Liquid Web | Updated: May 8, 2023

Category: Tutorials | Tags: ACL, Alert Logic, Algorithm, Algorithms, API, Audit, Backups, CentOS, Compliance, Compromise, Content Security Policy, Data Leak, Encryption, Fail2Ban, Firewall, Hacking, HashiCorp, HCL, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, JSON, Least Privilege, Linux, LUKS, Lynis, macOS, Malware, Master Key, Passphrase, Password, Password Policy, PCI, PCI Compliant, Pen testing, Permissions, Root, Secrets, Secrets Engine, Security, Security Policy, Security Practices, Server, Shamir's Secret Sharing, SQL Injection, Threat, Threat Stack, Tool, Ubuntu, Vault, VPN, Vulnerability, Window, Zero Trust

Reading Time: 7 minutes

What is Vault?

Vault protects and secures access to multiple types of confidential data. It stores and manages sensitive password information, API keys, and access tokens that exist in a low trust environment and generates dynamic access to authenticate users to ensure they have authorized ingress and availability to a file, location, service, or application.

Continue reading →

Fully Managed Cloud App Infrastructure Protection (AIP) (formerly Threat Stack)

Posted on March 24, 2021 by Liquid Web | Updated: August 22, 2023

Category: Tutorials | Tags: Audit, Backups, Code Analysis, Common Questions, Compliance, Compromise, Compromised Website, Content Security Policy, Data Leak, Diagnostics, Encryption, Fail2Ban, File Permissions, Firewall, Hacking, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, Least Privilege, Linux, LUKS, Lynis, Malware, Passphrase, Password, Password Policy, PCI, PCI Compliant, Pen testing, Permissions, Remote Code Execution, Root, Scripts, Security, Security Policy, Security Practices, Server, SFTP, SQL Injection, SSH, SSH Keys, SSL, Threat, Threat Stack, Tool, Ubuntu, VPN, Vulnerability

Reading Time: 5 minutes

Introduction

This article will review some of the more technical aspects of F5 Distributed Cloud AIP. F5 Distributed Cloud AIP is a platform-independent intrusion detection system (IDS) designed to provide users with a unique view into various integrated server security functions. It monitors both Linux and Windows servers as well as Kubernetes or other container-based server infrastructures to observe behaviors and detect malicious, uncommon, and risky activity.

Continue reading →

Microsoft Exchange Server Security Update

Posted on March 16, 2021 by David Singer

Category: Security | Tags: Alert, Alert Logic, Audit, Backups, Common Questions, Compliance, Compromise, Compromised Server, Content Security Policy, Data Leak, Diagnostics, Encryption, File Permissions, Firewall, Hacking, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, Least Privilege, Malware, Microsoft, Microsoft Exchange, Microsoft Exchange Vulnerability, Remote Code Execution, Scripts, Security, Security Policy, Security Practices, Server, Threat, Threat Stack, Tool, Vulnerability, Windows, Windows Server

Reading Time: 4 minutes

Introduction

In this article, we provide updated information concerning the ongoing threat posed by the malware directed at Microsoft Exchange Servers noted in CVE-2021-26855. We also furnish the steps needed to update and secure your Microsoft Exchange Server. In a recent post, the Cybersecurity & Infrastructure Security Agency posted a priority security advisory regarding the recent Microsoft Exchange Server vulnerability. They state:

Continue reading →