Blog | Legion Cyberworks

2025-01-082025-01-13Blog

New HIPAA Proposal for 2025

Since its enactment in 1996, HIPAA compliance has been a top priority for healthcare industry leaders, with the primary goal of protecting patient information. In 2005, these regulations were expanded with the introduction of the Security Standards for the Protection of Electronic Protected Health Information, also known as the “Security Rule.” This set of standards was designed to safeguard electronically stored patient data, with the last update occurring in 2013. […]

2024-10-302024-10-30Blog

The Rise of Identity-Related Cyber Threats: The Need for Broad and Proactive Security

Understanding the Threat In today’s threat landscape, monitoring account activity is essential to prevent catastrophic cyber incidents. Identity-related cyber threats, such as Business Email Compromise (BEC) and Account Takeover (ATO), are on the rise, exposing sensitive information and disrupting operations. These attacks often leverage network access points like VPNs, further expanding an adversary’s reach and the potential impact on your business. To illustrate the stakes, consider a recent ransomware attack […]

2024-10-302024-10-30Blog

What is Identity Threat Detection and Response (ITDR) and Why is it Important for Your Business?

Detect and Prevent Identity Based Attacks In an era where cyber threats are becoming increasingly sophisticated, securing your business’s digital identity is more critical than ever. Attackers target credentials and accounts, exploiting them to breach networks, steal sensitive data, and disrupt operations. This is where Identity Threat Detection and Response (ITDR) steps in as a vital cybersecurity strategy. What is ITDR? ITDR focuses on detecting, responding to, and preventing identity-based […]

2024-10-152024-10-15Blog

2024 Cyber Survival Kit

Cyber Survival Kit: Protecting Your Business Through Prevention, Detection, and Response In today’s evolving cyber threat landscape, preparation is not just an option—it’s a critical business need. Without a proper plan, businesses put themselves at risk for all manner of cyberattacks, including ransomware, insider threats, and more. But what makes up a proper plan? There are three pillars that all businesses must look to when designing their cybersecurity strategies. Namely, […]

2024-09-092024-09-11Blog, Risk Management

Assumed Breach Exercise: Verify Your Security Program

In today’s rapidly evolving cyber threat landscape, even organizations with mature security programs can’t afford to implicitly trust that their security controls are functioning as designed, or that they have all their blind spots covered. Traditional security measures, while crucial, are no longer sufficient on their own. This is where assumed breach exercises come into play—an advanced approach to testing and enhancing your organization’s cybersecurity posture. What Are Assumed Breach […]

2024-05-232024-05-23Blog, Risk Management

Prevent Breaches With Continuous Pentesting

In the rapidly evolving landscape of cybersecurity, the traditional methods of securing networks and systems are increasingly proving inadequate. The stakes are high: a single breach can cost a company millions of dollars, not to mention the potential damage to its reputation and customer trust. Enter NodeZero from Horizon3.ai—an autonomous continuous pentesting platform that promises to revolutionize how we defend against cyber threats. In this blog post, we’ll explore what […]

2024-01-262024-01-26Blog, Risk Management

Secure Your Web APIs

Safeguard Your APIs with Legion Cyberworks Penetration Testing Services The recent revelation that a seemingly innocuous Trello API function exposed 15 million email addresses underscores a critical reality: in today’s hyper-connected world, APIs have become prime targets for malicious actors, necessitating robust and proactive security measures. While APIs offer unparalleled functionality and connectivity, their inherent accessibility also creates a vast risk landscape if not secured with rigorous AppSec protocols. Imagine […]

2023-10-092023-10-09Blog, Risk Management

Unlocking Business Success: The Benefits of Penetration Testing

In today’s digital age, cybersecurity is paramount for businesses of all sizes. As cyber threats continue to evolve, organizations must take proactive measures to safeguard their sensitive data, reputation, and bottom line. One invaluable tool in the cybersecurity arsenal is penetration testing. This article will delve into the benefits of penetration testing for businesses. What is Penetration Testing? Penetration testing, often referred to as ethical hacking, involves simulated attacks on […]

2023-10-032023-10-03Blog, Risk Management

Securing Your Web Applications Against Attack

In an increasingly interconnected world, the security of web applications is paramount. Cyber-attacks are becoming more sophisticated by the day, making it essential for developers and businesses to fortify their digital fortresses. In this one-page blog, we’ll explore key strategies to harden your web application against cyber-attacks and bolster your online defenses. 1. Regular Updates and Patch Management: Keeping your software up-to-date is the first line of defense. Cyber-criminals often […]

2023-07-282023-07-31Risk Management

Importance of Red Teaming

Core Concepts (TL;DR) Red Teaming is an essential security control that is not limited to larger firms with bigger budgets or bigger problems to solve. Red Teaming is effective and often appropriate even at early stages of your cybersecurity journey Pentesting allows organizations to assess the effectiveness of its security controls (trust but verify). Continuous pentesting services, like what we offer at Legion Cyberworks, ensures that your controls are […]