Accelerynt, Inc.

Today, we published an advisory, Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a U.S. Critical Infrastructure Sector Organization. Lessons learned from this assessment that can benefit all organizations include: - Assess and ensure sufficient controls to prevent and detect malicious activity; - Require continuous training, support, and resources to implement secure software configurations and detect malicious activity; and - Effective organizational leadership will not minimize the business risk of known attack vectors or deprioritize the treatment of a vulnerability their own cybersecurity team identifies. Also, the findings in this advisory illustrate the outsized burden and costs of compensating for insecure software and hardware borne by critical infrastructure owners and operators. CISA urges software manufacturers to embrace Secure by Design principles and implement the recommended actions and mitigations to improve security outcomes of their customers from real-world threats. Network defenders and software manufacturers are encouraged to review this advisory: https://go.dhs.gov/U8Y

As shared during #MSIgnite, Microsoft Security Copilot capabilities now extend beyond SOC teams, empowering data, identity, and IT teams to leverage AI-driven insights and automation. We've also introduced a new use case detailing how SOC analysts can use Security Copilot to assess and manage incidents. Security Copilot can support analysts tasked to investigate and remediate large incidents involving multiple alerts and entities. Security Copilot capabilities can help in understanding the attack overview, providing analysis for malicious scripts, providing context for named attacks, and in performing the necessary steps to remediate the threat. Learn more here: https://msft.it/6047WtYdX

In observance of National Critical Infrastructure Security and Resilience Month, along with the Office of the Director of National Intelligence, we released NEW guidance to assist critical infrastructure owners and operators to detect and mitigate efforts by foreign intelligence entities to disrupt U.S. critical infrastructure. As a nation, we are seeing continued cyber and physical threats to critical infrastructure Americans rely on every day. U.S. adversaries and their foreign intelligence entities understand the importance of the critical infrastructure sectors and how degrading them could hinder our national response to events. Resolve to #BeResilient. Read more about the threat and mitigation steps at https://lnkd.in/e-n8Z6nw

Does your organization face challenges with implementing phishing-resistant authentication, such as Fast IDentity Online (FIDO) capabilities? Today, with USDA, we published a report that outlines how USDA overcame phishing-resistant authentication enforcement challenges. If your organization faces similar challenges, we encourage you to review this report to see if you can implement similar actions as USDA and provide stronger security for your people. https://go.dhs.gov/U7E

As part of our Secure Future Initiative and to further the security of our customers, ourselves, and the world, today we are introducing the most transparent security research event in history: The Zero Day Quest. This new hacking event will be the largest of its kind, with an additional $4 million in potential awards for research into high-impact areas, specifically cloud and AI. Starting today, the quest kicks off with a research challenge where vulnerability submissions in targeted scenarios are eligible for multiplied bounty awards. Submissions can also qualify researchers for a spot in the onsite hacking event in Redmond, WA, in 2025. Learn more in our blog post: https://msft.it/6049WSsX5 #ZeroDayQuest

Elevate your understanding of reasonable cybersecurity with our on-demand webinar. Gain insights from technical, legal, and public policy experts on defining and implementing reasonable security. https://bit.ly/3UTnKrT #reasonablecybersecurity #CISControls

We launched CISA Learning, a centralized and scalable Learning Management System! This new platform is a one-stop shop for classroom courses, virtual training, and self-paced learning, designed to meet the needs of our evolving workforce. CISA Learning replaces FedVTE, bringing all our programs under one secure, easy-to-access platform. Learn more about this transformational step: https://go.dhs.gov/Uh7

As part of the Shared Responsibility Model, CIS continues building security guidance in cloud computing environments. Take the next step in your cloud security program with our latest resources. https://bit.ly/3y7ZhHe #CISBenchmarks #cloudsecurity #cybersecurity

At the FBI Academy in Quantico, new intelligence analysts don't just learn the ropes—they experience the intense, collaborative environment they'll face in the field. In the classroom, they tackle simulated crises, like a hotel bombing linked to terrorist activity, to hone their skills in data analysis, pattern recognition, and threat assessment. These scenarios mirror real-life situations, integrating their role with that of FBI special agents to build seamless teamwork right from the start. As an intelligence analyst in training, you'll explore everything from analytical methodologies to critical thinking frameworks, building a foundation for your future casework. Completing more than 90 hours of specialized instruction and real-world exercises, analysts emerge from Quantico ready to provide crucial insights that drive investigations and inform strategic decisions. If you're driven by a passion for connecting the dots and ready to take on critical roles in national security, consider becoming an intelligence analyst and embrace the chance to learn, grow, and protect our nation through an impactful career at the FBI. Set yourself apart. Learn more about the intelligence analyst application process today. https://ow.ly/X2pv50U1Axb #FBI #FBIJobs #Hiring #SpecialAgent #Quantico #Training #LawEnforcement

The use of AI apps in day-to-day work has become our new reality—and organizations must change their data security approach to adapt. The 2024 Microsoft Data Security Index reveals the controls teams can implement to maintain a strong posture: https://msft.it/6042Wi0yk #DataSecurity #AI