Avertium

In Ransomware-as-a-Service (RaaS), threat actors act as service providers, renting out their ransomware capabilities to other threat groups. Clop for example, a widely acknowledged ransomware group, has adopted the RaaS model. This kind of decentralized strategy makes it difficult to track and capture the individuals responsible for attacks. This report serves as a guide for RaaS model and dives into how organizations can harden their defenses against the threat actors who leverage it: https://loom.ly/AapfuDg #RaaS #ransomwareattack #ClopRansomware #RaaSmodel #threatintelligence

Inheritance is a great thing—and we don’t mean the kind involving a long-lost rich uncle. It’s a #HITRUST feature that confers if you use Microsoft Azure, Microsoft Dynamics, Office 365, AWS, Snowflake, etc. Those companies have to do their own HITRUST certification every year, which means the client that we work with can benefit from inheritance from their completed assessments. How that takes shape: In one case, we worked with a client that had 550 controls on their r2 assessment. One application they were certifying in their assessment was in AWS (all their employees were remote, so there was no on-prem infrastructure). We were able to help them inherit 150 of those controls from #AWS. That meant they didn’t have to provide evidence for those controls. It’s a lighter lift. https://loom.ly/gNzY14A ??: (Image from HITRUST’s 2024 Trust Report)

Adversaries are constantly looking for exploitable weaknesses. Proactively searching for these weaknesses with a penetration test can reduce the risk of a breach and potentially eliminate the need for costly recovery measures. Our blog takes you through the different types of pen tests, elements of a quality pen test, and what type of penetration test is right for your business. Read it here: https://loom.ly/z0XziKg #penetrationtest #pentesting #socialengineering

As an enabler for a criminal economy worth trillions, the dark web allows threat actors to buy and sell stolen data, hacking tools, DIY guides, service-based offerings and much more. This article explains how your data ends up on the dark web, how you can check, what to do if your data has been stolen, and how to stay safe in the long-term. More here: https://loom.ly/VgFG5rs #darkweb #threatactors #threatintelligence

Join us in congratulating our outstanding Elements with service anniversaries in November ???? Thank you for all you do for Avertium each and every day! #AssessDesignProtect

Healthcare organizations are up against a unique set of challenges this year that create a perfect storm of cybersecurity threats: ?? Highly sensitive patient data / PII ?? Many users using the same workstations ?? A high volume of operational technology (OT) ?? Often outdated technology and cybersecurity controls The good news? The emergence of new AI cybersecurity tools has created opportunities to help healthcare organizations in the ongoing fight to stay ahead of cyber threats. Learn how Microsoft Copilot for Security can be harnessed in the healthcare industry: https://loom.ly/FN89Wcg

The #MSIgnite countdown is on! Will we see you there next week? Let us know! The Avertium team will be in attendance at both the pre-day and in-person Chicago conference on 11/18-11/21. We can't wait for a week of networking and learning what new announcements & opportunities Microsoft has in store for us. https://loom.ly/wULM0jo #MISA #MicrosoftSecurity Ben Masino Tran Tran Rob Wille Adam Perfetti Clay Bowlin Michael Leggett, CISSP

??? : Today, Avertium announces the launch of its Fusion Engine 2.0 (FE2), a Microsoft-powered next-generation advancement in managed extended detection and response (MXDR). The proprietary platform drives Avertium's Fusion MXDR for Microsoft, a comprehensive 24/7 MXDR service designed for customers utilizing the Microsoft security ecosystem. "By leveraging and building on and around the Microsoft MXDR platform with their own proprietary capabilities, Avertium provides the highest level of security value to customers," said Microsoft CVP Kelly Bissell. Read on to learn more about FE2: https://loom.ly/P_boLGM #FusionMXDR #AssessDesignProtect #MicrosoftSecurity

In the past year alone, cyberattacks have skyrocketed ?? The sophistication of these attacks demands a paradigm shift in how healthcare entities approach identity and network security. Our blog discusses the security foundation that healthcare organizations should implement for proactive protection - starting with IAM with the help of Microsoft Entra ID. Read it here: https://loom.ly/RCuV7fY

Today, we celebrate our veterans, including some of our own with a combined 108+ years of service. Thank you for your service and the sacrifices you have made to protect our freedoms!