Assessing Critical Cyber Risks with UpGuard

Given the complexity of modern information technology, assessing cyber risk can quickly become overwhelming. One of the most pragmatic guides comes from the Center for Internet Security (CIS). While CIS provides a comprehensive list of ...

UpGuard Capability: Demonstrating DFS 23 NYCRR 500 Compliance

UpGuard makes a cyber resilience platform designed for exactly the realities that necessitate regulations like New York State Department of Financial Services 23 NYCRR 500. On one hand, businesses need to store, processes, and maintain ...

Visualizing Cyber Risk with UpGuard's Home Page Dashboard

Why dashboards? Nobody’s perfect. Success is almost always determined through trial and error, learning from mistakes and course-correcting to avoid them in the future. The length of this cycle— from experiment to result, incorporated into ...

Monitoring AWS with UpGuard: Instances, Load Balancers, and Security Groups

So I've finally gotten the go-ahead from higher-ups to join the twenty-first century and use cloud hosting. Now I need to prove that running in AWS is not just easier than maintaining our own farm, but more stable and secure. To do this, I ...

UpGuard Welcomes Security Expert Chris Vickery

UpGuard is proud to announce that security expert Chris Vickery is joining our team as a cyber risk analyst, bringing with him a stunning track record of discovering major data breaches and vulnerabilities across the digital landscape. ...

UpGuard and Puppet - Fits Like a Glove

Going from nothing to automation using one of the many tools available can be a daunting task. How can you automate systems when you’re not even 100% sure how they’ve been configured? The documentation is months out of date and the last ...

Looking for Love in All the Wrong Places

When we think of protecting our information online, it’s usually in the context of traditionally sensitive data-- credit card numbers, addresses, SSNs, and so on. But as anyone who has taken a picture of themselves wearing nothing but a ...

Why We Made Our Vulnerability Assessment Free for Everyone

Known vulnerability assessment– evaluating a machine's state for the presence of files, packages, configuration settings, etc. that are known to be exploitable– is a solved problem. There are nationally maintained databases of ...

Closing The Loop On Notifications with UpGuard and Slack

Though still a relatively new player on the market, group messaging upstart Slack has steadily expanded its footprint into the business and enterprise arena with its polished, streamlined offering for team collaboration. For the ...

Know What You Have: Baselining, Change Anomalies, and Group Differencing

More than ever, UpGuard provides the ability to know how your environments are changing and to identify the deviations that increase your risk for failed change, outages, and security incidents. Here we quickly cover how UpGuard addresses ...

UpGuard and COBIT for SOX Compliance

Sarbanes-Oxley (SOX) compliance—it’s like checking for holes in your favorite pair, but with consequences beyond public embarrassment. For publicly traded companies, the ordeal is a bit like income tax preparation for the rest of us: a ...

Getting Started with the UpGuard Connection Manager

We rewrote the UpGuard agent as a connection manager to reap the benefits of agentless monitoring. Why get rid of agents? Because agents must be updated. They are like a free puppy–it's easy to take them home but you have to feed them, ...

Putting the FREAK (CVE-2015-0204 ) on a Leash

We know you're sick of updating OpenSSL so we'll keep this short. There is a new SSL vulnerability named FREAK with a published proof of concept. FREAK affects a significant portion of websites, including big names like American Express ...

An Overview of Amazon AWS and UpGuard (Part 1 of 2)

Over the years, Amazon has become the poster child for all things cloud-related, and for good reason: as one of the initial vendors to embrace the cloud computing paradigm, they were the first to offer widely accessible commercial cloud ...

Liquifying your Infrastructure with UpGuard and Docker Containers

One of the easiest ways to build applications programmatically into containers through Docker is to use a Dockerfile. Dockerfiles are the Makefiles of the Docker world. A ton of blog posts and tutorials have sprung up over the last few ...
All posts