The Latest
The Latest Network Security Sales Index (NSSI)
December 2018
HardenStance releases the syndicated report “Network Security Sales Index” free of charge on a quarterly basis. Download the latest NSSI report now. To register to receive all future editions, visit the subscription form.
Briefing: An ATT&CK-Like Framework for Telcos
Will operators step up and support two enterprising individuals from Ericsson and Nokia in defining an ATT&CK-like Framework for the telecom sector?
Briefing: Deploying STIR/SHAKEN as a Service
All but the largest telecom operators should be looking at deploying the STIR/SHAKEN standard for blocking unwanted calls as a service, managed by a vendor partner, rather than building out their own infrastructure.
White Paper: What to Expect from MDR and MDR Providers
Managed Detection and Response (MDR) is a critical cybersecurity service category. Sponsored by AT&T, Secureworks, Fortinet and ElevenPaths, this White Paper guides users on what to expect both from their provider and themselves in an MDR partnership.
Briefing: MITRE’s ATT&CK Evals Are Out: Cheers!
The new MITRE ATT&CK Evaluations offer free access to high quality, comparative data on EDR product detection capabilities against APTs on an unprecedented scale. Those that need to - and know how to - can make good use of this data.
Briefing: New STIX & TAXII Releases Approved
The new open standard STIX and TAXII 2.1 releases have been approved by OASIS. A new self-certification program should help drive adoption and enable SOC teams to arrive at faster time to detection and time to mitigation.
Briefing: Orange Funds New CI/CD Security Tool
Orange Polska has released Mixeway, an open source CI/CD security orchestration tool. It needs a lot more work but the GUI and aspiration to correlate vulnerability testing across security tools make it worth taking a look at.
White Paper: A New Era in Trusted Network Security Testing
By defining open and transparent network security testing specifications, the leading NGFW vendors supporting NetSecOPEN are looking to usher in a new era in trusted network security testing.
Briefing: A10 Helps SKT Build Leadership in 5G
SKT is a world-leader in 5G. This HardenStance Briefing depicts the operator's strategy for 5G services and applications and the contribution A10 Networks is making to SKT's supporting network and network security infrastructure.
White Paper: A Blueprint for a Cloud Native Telco
Cloud Native principles and tools are now the only way forward for telcos to achieve their digital transformation goals. This White Paper articulates what this means in terms of working practices, development and operations models and new security requirements.
Briefing: Ericsson and Nokia Complete 5G CyberHack
80 hackers gathered in Oulu, Finland, over the last week-end of November 2019 to crawl all over Ericsson and Nokia's 5G network products and see what flaws they could find. HardenStance attended and published this Briefing on what happened and why it matters.
Briefing: Telcos Invest in Fake Infrastructure
Some telcos are investing in deception technology. According to Attivo Networks, one telco customer found enough unauthorized and malicious behaviour by employees to warrant firing them on the spot. There are telecom infrastructure use cases too.
Blog: AR for Cyber Training? I’m In
I took the AT&T Chief Security Office "Security Challenge" at the AT&T Business Summit in Dallas last week. Here's what I made of it.