Imagen decorativa Avisos
Blog updated on 17/10/2024

Organizations face the constant challenge of adopting new security strategies, such as the Zero Trust model, which operates under the premise of "never trust, always verify." This change is crucial especially in cloud environments, where identity and resource access management is more complex. In particular, the Secure Web Gateway (SWG) is a key system, which focuses on controlling user access to the web, protecting against web-based threats, and enforcing security policies. It acts as an intermediary between users and the internet, filtering and inspecting web traffic to ensure it meets the organization's security requirements.

However, implementing and managing SWGs presents significant challenges, such as integration with existing infrastructures, managing complexity, and scalability. These challenges require meticulous attention to ensure effective and efficient protection in the changing cybersecurity landscape. This article explores the purpose and function of SWGs, as well as their architecture, their ability to protect against cyber threats, and best practices for their implementation.

Imagen decorativa Avisos
Blog posted on 08/08/2024

In the field of cybersecurity, CASB systems play a crucial role in providing an additional layer of protection for cloud applications. This approach prevents threats, detects malware, and ensures privacy in a digital environment, thereby addressing the growing need for data protection. 

This article explores how CASB systems work, their key applications, and their benefits in terms of security and privacy, ensuring that applications operate by protecting data in cloud environments and maintaining fine-grained control over cloud operations. From vendor assessment to malicious behavior detection, its versatility extends, offering benefits such as risk mitigation and improved cloud security.

Imagen decorativa Avisos
Blog updated on 18/07/2024

There are currently many standards and regulations in the industrial sector. A wide variety of them allow industrial organizations to check their level of maturity, such as IEC 62443, or to improve the security level of the organization through the application of a series of guidelines, good practices or guides, as in the case of the NIST Framework.

Given the growth of the industrial sector, and the increase in capabilities, both in production and connectivity, thanks to the consolidation of Industry 4.0 and the emergence of Industry 5.0, industrial environments are in the focus, not only of technological improvements, but also of cyber-attacks.

The application and implementation of the IEC 62443 family, in combination with the NIST Framework, will enable organizations to reduce, mitigate and control the possibility of suffering a cyber-attack by implementing the controls and best practices defined in both standards.

Imagen decorativa Avisos
Blog posted on 13/06/2024

The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc. 

Imagen decorativa Avisos
Blog updated on 12/08/2021

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the PortMapper protocol, describing in detail the prevention, identification and response phases to follow.

Imagen decorativa Avisos
Blog updated on 25/06/2021

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the LDAP protocol, describing in detail the prevention, identification and response phases to follow.

Imagen decorativa Avisos
Blog updated on 17/02/2022

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the QOTD protocol, describing in detail the prevention, identification and response phases to follow.

Imagen decorativa Avisos
Blog updated on 11/11/2021

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SSDP protocol, describing in detail the prevention, identification and response phases to follow.

Imagen decorativa Avisos
Blog updated on 31/05/2024

En este post se presentan algunas líneas de actuación que deben seguirse para hacer frente a un ciberataque DrDoS basado en el protocolo CharGEN, describiendo detalladamente las fases de prevención, identificación y respuesta a adoptar.

Imagen decorativa Avisos
Blog posted on 16/05/2024

The M-Bus protocol is a common protocol in the industry in general, it’s daily use can be related to devices for measurements of electricity, gas, water, heating, etc. This protocol has a wireless variant called Wireless M-Bus and works through a hierarchical master/slave system, standardized according to EN13757.