#forescout — Public Fediverse posts

New blog posted discussing various forms of “micro-segmentation”, and use of tags instead of IP addresses in ACL’s. With callout to a great post about flows by Daniel Dib with some great comments. https://www.linkedin.com/pulse/microsegmentation-versus-nac-ip-based-acls-peter-welcher-rtoae/
Tags: #PeterWelcher #CCIE1773 #Security #MicroSegmentation #NAC #SecurityGroupTag #Cisco #Elisity #ForeScout #Flows

Infosec products of the month: November 2025 https://www.helpnetsecurity.com/2025/11/28/infosec-products-of-the-month-november-2025/ #BarracudaNetworks #NokodSecurity #BedrockData #Bitdefender #1touch.io #Firewalla #Forescout #Immersive #Action1 #Komodor #Minimus #Cyware #Kentik #Synack #News

New infosec products of the week: November 7, 2025 https://www.helpnetsecurity.com/2025/11/07/new-infosec-products-of-the-week-november-7-2025/ #BarracudaNetworks #Bitdefender #1touch.io #Forescout #Komodor #News

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Infosec products of the month: April 2025 https://www.helpnetsecurity.com/2025/05/02/infosec-products-of-the-month-april-2025/ #ArcticWolfNetworks #RunSafeSecurity #SkyhawkSecurity #CatoNetworks #IndexEngines #SealSecurity #StellarCyber #Bitdefender #Seemplicity #AbnormalAI #Flashpoint #PowerDMARC #1touch.io #Forescout #AppViewX #BitSight #Bugcrowd #LastPass #PlexTrac #Swimlane #Veracode #CyberQP #Entrust #Exabeam #Saviynt #Varonis #Cyware #News #Jit

Infosec products of the month: April 2025 https://www.helpnetsecurity.com/2025/05/02/infosec-products-of-the-month-april-2025/ #ArcticWolfNetworks #RunSafeSecurity #SkyhawkSecurity #CatoNetworks #IndexEngines #SealSecurity #StellarCyber #Bitdefender #Seemplicity #AbnormalAI #Flashpoint #PowerDMARC #1touch.io #Forescout #AppViewX #BitSight #Bugcrowd #LastPass #PlexTrac #Swimlane #Veracode #CyberQP #Entrust #Exabeam #Saviynt #Varonis #Cyware #News #Jit

New infosec products of the week: April 11, 2025 https://www.helpnetsecurity.com/2025/04/11/new-infosec-products-of-the-week-april-11-2025/ #RunSafeSecurity #IndexEngines #SealSecurity #Forescout #News #Jit

Zwecks Auffindbarkeit ein paar Hastags dazu:
Untersuchte Hersteller: #Huawei #Sungrow #GinlongSolis #Goodwatt #GoodWe #SMA
Allgemein: #PV #WR #Wechselrichter #Solar #Inverter #SunDown #Forescout #China #Hacker #SmartHome #IoT
https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/
@bsi

Recommendations
Manufacturers
Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc
• Applications: proper authorization checks on web applications, mobile applications and cloud backends
Testing • Regular penetration testing on applications and devices • Consider bug bounty programs
Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws

Users
Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections
Commercial and utility installations (in addition) •
Include security requirements into procurement considerations
• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments

Zwecks Auffindbarkeit ein paar Hastags dazu:
Untersuchte Hersteller: #Huawei #Sungrow #GinlongSolis #Goodwatt #GoodWe #SMA
Allgemein: #PV #WR #Wechselrichter #Solar #Inverter #SunDown #Forescout #China #Hacker #SmartHome #IoT
https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/
@bsi

Recommendations
Manufacturers
Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc
• Applications: proper authorization checks on web applications, mobile applications and cloud backends
Testing • Regular penetration testing on applications and devices • Consider bug bounty programs
Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws

Users
Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections
Commercial and utility installations (in addition) •
Include security requirements into procurement considerations
• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments

Zwecks Auffindbarkeit ein paar Hastags dazu:
Untersuchte Hersteller: #Huawei #Sungrow #GinlongSolis #Goodwatt #GoodWe #SMA
Allgemein: #PV #WR #Wechselrichter #Solar #Inverter #SunDown #Forescout #China #Hacker #SmartHome #IoT
https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/
@bsi

Recommendations
Manufacturers
Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc
• Applications: proper authorization checks on web applications, mobile applications and cloud backends
Testing • Regular penetration testing on applications and devices • Consider bug bounty programs
Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws

Users
Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections
Commercial and utility installations (in addition) •
Include security requirements into procurement considerations
• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments

Zwecks Auffindbarkeit ein paar Hastags dazu:
Untersuchte Hersteller: #Huawei #Sungrow #GinlongSolis #Goodwatt #GoodWe #SMA
Allgemein: #PV #WR #Wechselrichter #Solar #Inverter #SunDown #Forescout #China #Hacker #SmartHome #IoT
https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/
@bsi

Recommendations
Manufacturers
Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc
• Applications: proper authorization checks on web applications, mobile applications and cloud backends
Testing • Regular penetration testing on applications and devices • Consider bug bounty programs
Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws

Users
Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections
Commercial and utility installations (in addition) •
Include security requirements into procurement considerations
• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments

Zwecks Auffindbarkeit ein paar Hastags dazu:
Untersuchte Hersteller: #Huawei #Sungrow #GinlongSolis #Goodwatt #GoodWe #SMA
Allgemein: #PV #WR #Wechselrichter #Solar #Inverter #SunDown #Forescout #China #Hacker #SmartHome #IoT
https://www.forescout.com/research-labs/sun-down-a-dark-side-to-solar-energy-grids/
@bsi

Recommendations
Manufacturers
Development • Devices: holistic security architecture including secure boot, binary hardening, anti-exploitation features, permission separation etc
• Applications: proper authorization checks on web applications, mobile applications and cloud backends
Testing • Regular penetration testing on applications and devices • Consider bug bounty programs
Monitoring Web Application Firewalls Remember that a WAF does not protect against logical flaws

Users
Residential and commercial users • Change default passwords and credentials • Use role-based access control • Configure the recording of events in a log • Update software regularly • Backup system information • Disable unused features • Protect communication connections
Commercial and utility installations (in addition) •
Include security requirements into procurement considerations
• Conduct a risk assessment when setting up devices • Ensure network visibility into solar power systems • Segment these devices into their own sub-networks • Monitor those network segments

Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs https://www.securityweek.com/undocumented-draytek-vulnerabilities-exploited-to-hack-hundreds-of-orgs/ #Malware&Threats #Vulnerabilities #MonstrousMantis #Forescout #DrayTek #ZeroDay

Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs https://www.securityweek.com/undocumented-draytek-vulnerabilities-exploited-to-hack-hundreds-of-orgs/ #Malware&Threats #Vulnerabilities #MonstrousMantis #Forescout #DrayTek #ZeroDay

Maximizing security visibility on a budget https://www.helpnetsecurity.com/2024/11/05/barry-mainz-forescout-security-visibility/ #artificialintelligence #securitycontrols #cybersecurity #compliance #Don'tmiss #Forescout #zerotrust #Features #Hotstuff #ITassets #network #opinion #cloud #News #IoT

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware https://www.helpnetsecurity.com/2024/08/07/ot-iot-router-firmware-vulnerabilities/ #vulnerabilityassessment #InternetofThings #FiniteState #Don'tmiss #Forescout #Hotstuff #hardware #patching #report #router #survey #News

Cybersecurity unicorn Exabeam raises $200M to fuel SecOps growth - Exabeam, a late-stage startup that helps organizations detect advanced cybersecuri... - http://feedproxy.google.com/~r/Techcrunch/~3/7wnD40IyRdg/ #lightspeedventurepartners #norwestventurepartners #cloudapplications #acrewcapital #crowdstrike #lightspeed #companies #executive #forescout #president #security #chairman #software #funding #exabeam #leader #mcafee #cloud #intel #okta #ceo