Secure Sockets Layer

In our Acronym Series, Nexum’s expert engineers define the industry’s most popular topics, like Secure Sockets Layer (SSL).
CISO Guide to Ransomware

Our partner Abnormal Security is disrupting the email security market. Receive your free CISO Guide to Ransomware – How It Starts via Email and How to Prevent It.
Prevent Ransomware with SASE

There are three technologies that can help prevent ransomware: Cloud access security broker (CASB), secure web gateway (SWG), and data loss prevention (DLP). These components have converged into a single solution for what has now been coined the secure access service edge (SASE) architecture.
Nexum at Central Ohio ISSA InfoSec Summit

Nexum at Central Ohio ISSA InfoSec Summit Written by: Scott Hammond, Senior Security EngineerConnect with us on LinkedIn Recently several members of Team Nexum attended the 15th annual Central Ohio ISSA InfoSec Summit in rainy Columbus, Ohio. As a well-respected event for security-minded professionals to gather and discuss today’s critical security challenges, it was fantastic […]
20 Years of Security

Founded in April of 2002, we are proud to celebrate our 20th anniversary. This post includes quotes from Founder and CEO of Nexum and a Back in 2002 infographic.
The Issue With Open-Source Code Utilization

Due to ongoing geopolitical events, particularly the Russia-Ukraine conflict, some individuals have begun to “poison” major open-source projects to try to cause damage. There were developers (cyber-activists) that chose to introduce code specifically targeting computers in Russia and Belarus.
Attack Observations Since the Russian Invasion of Ukraine

Nearly a month has passed since the start of the Russian invasion of Ukraine. Before this, the “Cold War” of cyberattacks has consisted of plenty of nation-state-sponsored activity against Western targets. But until now, this activity has not been a weaponized component in an active physical conflict with Western countries (whether direct or, in this case, by proxy).
Network Alerting

One of the primary things Information Technology (IT) and security teams continue to contend with are alerts. Every system has the capability to generate an alert. Is it some sort of security alert? Some sort of uptime alert? Perhaps an alert indicating that too many alerts have been generated in too short a time? Either way, the volume of alerts likely involves headaches for everyone.
Critical Vulnerability Alert: Log4j

Critical Vulnerability Alert: Log4j This page will be updated as additional information is released. Last Updated: December 20, 12:00pm EST On December 10, National Institute of Standards and Technology (NIST) issued a Common Vulnerabilities and Exposures (CVE) for a vulnerability in Log4j. This vulnerability when exploited can lead to the attacker having the ability to run code remotely. This […]
Flashlight on Shadow IT

“You cannot secure what you do not know.” I frequently see iterations of this phrase when it comes to cybersecurity and visibility. When a security team looks to gain insight into what is being used in their network, they won’t be able to secure what they can’t see or are not aware of. It’s here that the buzzword of Shadow IT (Information Technology) is also commonly thrown around. You can think of Shadow IT as the thing that you do not know is on the network – and therefore cannot secure.