You will find in this blog all the Chimere latest news, the events and important announcements!
A look back at these 3 intense days at the InCyber Forum (FIC) 2024, from March 26 to 28 at the Lille Grand Palais, marked by several highlights and many meetings.
This 16th edition was a great success with over 17,000 visitors to the show over the 3 days!
We are thrilled to announce that Chimere will be a partner of the InCyber Forum 2024, which will take place from March 26 to 28 at Lille Grand Palais.
The Incyber Forum is one of the most important events in the cybersecurity industry in Europe, bringing together professionals from around the world to discuss the latest trends and challenges in IT security. This is an opportunity for Chimere to present its Cyberstealth® solution and meet other actors in the ZTNA and cybersecurity fields.
In the previous article Effectively Managing Your Attack Surface (Part 1), we used the tool Uncovery - Advanced EASM to get an accurate view of the attack surface of the information system. The results showed 160 services exposed on the internet network, intended for a well-defined user population. In this article, we will show how to use Chimere to secure all of these services and remove them from the attack surface while keeping them accessible to employees.
To do this, we will use the automatic service enrollment mechanism offered by Chimere and then connect the company's identity provider to the Chimere Manager to provide user access to services.
When you are a CISO or CIO taking on a new position, one of the challenges is to efficiently understand the areas where protection measures and security actions need to be implemented. Esteemed readers of this blog, you know how exposing applications on the internet is one of the most common causes of information system compromise. If this is your first Chimere article, take a look at our previous thoughts on the subject: 10 cyberattacks that exploited the principle of exposure, 3 types of attacks feared by companies, and 3 strategies to protect your information system from internet scans (and resulting attacks)
In this article, we provide a method to identify and manage this exposure, ultimately reducing the risk of compromise resulting from the exposure of your assets on the internet.
Let’s look back at an ambitious program that defines itself as “the acceleration program for future cybersecurity champions,” in the universe of a French giant in the field and at the heart of the “world’s largest startup campus.”
To the entire cyber community, and to everyone, we wish you a very happy 2024! May it be synonymous with success and fulfillment in all your projects.
The European Cyber Week is the reference event in the fields of strategic studies and research in cyber defense and cybersecurity. Gathering an ecosystem of French and European excellence, rich through its diversity and the high level of its speakers, it's the place where all the actors of the sovereign cyber sector meet.
Application anonymity, network authentication, and exposure elimination are three characteristics intimately linked to the principle of hidden services. In the previous article: What is a 'Hidden Service'? Part 1, we highlighted these three aspects of the mechanism, but they are not alone in bringing interesting properties in terms of network security. In this new article, we found it interesting to highlight four other characteristics, much less known than the first ones, yet providing a real defensive added value.
The term "hidden service" is intimately related to certain technologies like the darknet and the Tor Project. This mechanism is used to provide various security and anonymity features to network users. In the collective consciousness, it is widely accepted that the darknet and hidden services are primarily used by cybercriminals to offer applications accessible through the Internet without revealing the identities of the parties involved. However, in reality, hidden services are often used for much nobler purposes, where the technical advantages they offer are highly appreciated.
Whistleblowers, secure data exchanges, journalistic content publication, and today's widespread and secure remote access with the advent of Zero-Trust Network Access are all ways in which hidden services are used for protection. But what are hidden services, and what do they really offer? Answers in this article.
When exchanging with CISOs and CIOs about the actions to be taken to ensure optimal security of their information systems, user awareness and the implementation of good security hygiene practices are frequently discussed. It is undeniable that the human factor often plays a decisive role in the compromise of information systems. While raising awareness among employees and partners is essential, it is common to observe decision-makers adopting a fatalistic view of the situation and considering that security through the use of technical solutions is a failure.
Are they right? In an attempt to provide some insights in this article, we address three well-known techniques that attackers employ to hack enterprise computer systems, and against which security services must fight.
