Let's find
a solution that
fits your needs
Contact us to see how we can help
with a no cost initial consultation.
Request a Quote
e: [email protected]
p: 919.595.8560


Tips, tricks and detailed analysis of security issues


Tips, tricks and detailed analysis of security issues

Top 5 Cybersecurity Steps to Take in 2019

Cross Posted from Net Friends

From your Net Friends IT Security Experts: The Top 5 Cybersecurity Steps you can take to improve your IT security for 2019. We asked our Information Security Office (ISO) staff to recommend practical steps that businesses can take to improve their digital security stance for 2019.More Info

Bandura Cyber Announces Strategic Partnership with Castra Consulting

Partnership Enables Automated Threat Intelligence Protection

Collaboration Will Fuse Advanced Threat Intelligence Gateway Technology with Castra’s mSIEM Managed Service OfferingMore Info

The Castra Elastic Logger for USM Appliance

A fast and scalable solution to pair with your existing USM instance

Do you need to add long-term logging to your AlienVault USM? Do you want to combine the search power of Elastic with the advanced AlienVault USM platform? If you are looking to expand your AlienVault raw log storage while adding new possibilities for analytics, visualization and reporting, Castra’s Elastic Logger is for you.More Info
Title Date

Analysis of the GAO Report on the 2017 Equifax Breach

Cross Posted from Net Friends

The GAO report provides the most detail to date about the specifics of the breach summarized in the graphic below, such as how the attack started on the Equifax dispute portal servers, how they gained access to 51 databases and extracted data from them for over 76 days in small increments to avoid detection.More Info

What is a Penetration Test?

There are a variety of types of penetration (pen) tests but they all boil down to having a trusted advisor digitally attack your company’s infrastructure. For many companies it’s a matter of when, not if, a compromise occurs. There are constantly news stories about well-known companies with major budgets suffering for massive data breaches and we all know about the constant plight of spammy phishing emails.More Info

The So-Called Intel Bug

Two named bugs dropped on January 3rd, both concerning the way in which modern CPUs work. Nearly all intel hardware for approximately the past 25 years is affected. The Meltdown and Spectre bugs are severe in nature, and organizations will need to address the specific and pervasive risk of information leakage and take specific mitigative measures.More Info

Best practice Audit Policies - Windows OS

When configuring Windows to write audit logs for your SIEM, consider the following policies as a way to improve value over volume in your logging.More Info

Set It and Forget It...Fail.

You’ve set up your SIEM, you have logs flowing and a report or three. You are done, right? You don’t need to look at it every day, right? You can just check it on Friday on the way home, right?
It emails you an alarm, so you are done, right?
More Info

Early Thoughts on Krak

The news is coming out today about a core protocol-level flaw in WPA2-PSK named "KRAK" [a forced acronym for Key Renegotiation AttacK, the method by which connections can be compromised]More Info

Our Thoughts On The Equifax Breach Of 2017

Cross Posted from Net Friends

Castra has been asked by several of our customers what they should do to respond to one of the biggest data breaches ever, the Equifax Breach of 2017 that resulted in the potential loss of sensitive information that could be used for identity theft, impacting just under half of the entire US population, or 143 million people.More Info