GYTPOL's Blog

We may have known it for a while, but now we are officially cool! Remedio was just named a Gartner Cool Vendor in Cyber-Physical Systems Security.

Six years ago, we set out with a simple but ambitious mission: to make enterprise devices safer — not just monitored. We built carefully, profitably, and independently, guided by the belief ...

Security leaders invest heavily in the front door: phishing defenses, malware detection, patch management, the works. And then they think they’re safe. But it’s the misconfigurations quietly...

If a threat falls in the SOC and no one ties it to revenue, does it really make a sound? That’s the challenge security leaders face every day: finding an impactful way to translate cyber ris...

Picture the legendary Metropolitan Opera House on opening night. The air hums with anticipation as elegantly dressed guests take their seats, each ticket granting access to one specific spot...

In cybersecurity, the smallest missteps can lead to the biggest breaches. Take British Airways: a global airline worth over $17 billion, with robust systems and sophisticated infrastructure ...

Active Directory (AD) is the powerhouse of the enterprise — the central hub where identity, access, and control converge. Yet despite its critical role, AD generally flies under the radar un...

As backpacks get packed and classrooms fill up, it’s the perfect time for businesses to go back to school, too. Not for algebra—but for cybersecurity. While today’s digital threats are evolv...

In the world of construction, complexity is the norm. From project sites scattered across geographies to legacy OT systems integrated with modern cloud environments, these sectors rely on a ...

Security teams are constantly walking a tightrope — enabling growth while minimizing risk. Most eyes are on the usual suspects: ransomware gangs, zero-day exploits, phishing campaigns. But t...

When it comes to IT security, risk mitigation, incident response, and cyber crisis management, the buck stops with the Chief Information Security Officer (CISO). As the enterprise’s top cybe...

Compliance is a moving target shaped by global regulations, evolving threats, and constantly constrained internal resources. But when compliance deadlines slip through the cracks, the conseq...

It seems like every time we think we've closed the door on Remote Desktop Protocol (RDP) threats, another window opens — sometimes quite literally.

Every organization has its unfinished business. For too many, it's SMBv1. Even years after Microsoft deprecated it, SMBv1 still lingers in enterprise networks — often out of sight, but not o...

Is good security good business? When something goes wrong, it’s easy to draw the connection: bad security leads to breaches, downtime, and damage. But what if catastrophe isn’t looming?

Configuration security is a foundational piece of the cybersecurity puzzle — yet one that too many organizations continue to overlook.

Things just don't seem to stay how they're meant to. It's a problems familiar to most people in the world of enterprise IT and Security. And in 2005 it was a problem for the Burnet Institute...

Most cybersecurity startups don’t go from napkin sketch to profitable business without a single dollar of outside funding. But then again, most startups aren’t led by Tal Kollender.

Myths and misconceptions can be dangerous, especially in the world of cybersecurity. From treating group policies like gym memberships to the conviction that it just won't happen to you, the...

Not every risk has a CVE, and not all weaknesses can be patched. Misconfigurations, overly permissive access settings, unsafe protocols, and unenforced policies often fall outside traditiona...

Five days to decide. That’s all the Everest ransomware gang gave Coca-Cola. A countdown, a threat, and a promise: Pay up, or we expose everything. Visa scans. Passport copies. Salary details...

After decades taking the same (largely reactive) tack as the rest of the world, Japan is now flipping the script and perhaps setting a new cyber standard for others to emulate, passing a law...

In the world of logistics, last-mile delivery refers to the final phase of a product’s journey — the crucial step where an item moves from a warehouse shelf, onto a delivery truck, and final...

If you’re a decision-maker, security partner, or even just curious about the world of cyber, our dictionary of cybersecurity terms will help you speak the language, ask sharper questions, an...

In today’s threatscape, attacks are all but inevitable. With companies on the back foot, it's only natural to question if their existing defenses are up for the challenge. In many case, they...

Cyber hygiene refers to the regular, ongoing practices and foundational safeguards that implemented to proactively maintain the health and security of an organization's digital environments ...

When it comes to reducing enterprise threat exposure, configuration hardening isn’t a new idea — but it’s finally getting the focused attention it deserves.

We’re excited to share that Remedio can be purchased and deployed fully through AWS. That fact is not trivial as it entitles us to a “Deployed on AWS” badge, which conveys preferred vendor s...

The sheer volume of security tools in today’s enterprise IT environments disguise a critical truth: more tools don’t equal better protection. This was among the key takeaways from Gartner®'s...

When JPMorgan Chase sounds the alarm, we should all pay attention. In a powerful open letter, the firm argues that the SaaS delivery model, while transformative, is eroding fundamental secur...

Browsers today are an essential component of any enterprise work environment — where employees log in, collaborate, and interact with sensitive data across countless applications. And while ...

Maintaining secure and compliant device configurations is a top priority for enterprise businesses. With increasing cloud adoption however, it's something that is increasingly complicated an...

On April 16, 2025, the global cybersecurity community came alarmingly close to losing a foundational pillar of its vulnerability management infrastructure: the MITRE CVE program. With fundin...

It’s a familiar dilemma: weighing the need for security against the need to "keep things running." At PDS Health, it's a tension that runs equally through strategy and day-to-day operations.

Healthcare organizations must minimize the cyber risks to the organization, working to secure critical assets and sensitive data. At the same time, they must work diligently to ensure nothin...

As we move further into 2025, H2 planning is in full swing. If industry conferences aren't already part of that plan, now's the time to reconsider.

We've created a short 6-question quiz overviewing the current state of affairs with respect to enterprise cybersecurity. The quiz is designed to offer a quick, dare we say fun, reprieve from...

Women’s History Month is a time to celebrate the fairer sex's contributions to the workforce and advocate for greater representation.

According to a Verizon Data Breach Investigations Report, 86% of data breaches are financially motivated. Being the source of the so much fast-moving capital, this naturally positions the pa...

In the fight for sustained security, operators rely on a variety of tools and technologies to help get the job done — but without strategic alignment, consistent oversight, and proper integr...

Configuration security is not sexy. Wish that it were, but it just isn’t. As it is, it rarely gets the attention it deserves, but businesses overlook this vital aspect of their security post...

For those operating Windows 10 based machines, the clock's running out. With Windows 10 EoSL (End of Service Life) set for October 14, 2025, technical support — including critical security p...

Throughout 2024, cybersecurity continued to be a thorn in the side of global industry as sophisticated cyberattacks cost organizations trillions. Yes, that’s trillions with a T.

From compromised endpoints to disrupted workflows, misconfigurations are one of the leading causes of disruptions in complex IT environments.

In today’s digital battlefield, knowledge is power. As threats evolve rapidly and the costs of security failures continue to rise, businesses must stay informed. The Big CISO Factbook uses f...

As Thanksgiving approaches, it’s a fitting time to pause and reflect on our seldom- celebrated cyber victories. In an industry where success often goes unnoticed because it looks like “nothi...

In today’s complex digital landscape, the importance of configuration security audits cannot be overstated.

Please join us as we take you on a journey through the looking glass and into the realm of haunted hacks. Here, misconfigured endpoints lay in wait, threatening to jump out from behind every...

In evaluating endpoint posture and network integrity, configuration audits are essential. At the same time, conducting an effective audit is easier said than done.

Endpoint configurations are essential to good security. That’s always been the case, but it rings even truer with each passing year. In some ways, endpoint configurations are your first line...

Device configurations are one of the most important elements of your organizational security today. Why? For starters, security misconfigurations are one of the most critical threats you’ll ...

The world of cybersecurity is complex and ever-changing. But that doesn't mean there aren't any recurring themes or repeating patterns.

For most businesses, IT and security teams go about their work mostly unnoticed. Some would say that’s by design. Like the stage hands that help make a good show possible and keep everything...

On July 19th 2024, CrowdStrike pushed an update to its Microsoft Windows agent. (Linux and macOS computers were not affected.) Considered something of an industry standard, the agent is wide...

Within months of its first public appearance, Black Basta left a significant mark in the realm of ransomware – tallying up 19 high-profile enterprise victims in the course of 100+ confirmed ...

After a CVE is published, the race is on. Often a good amount of time passes before any patches are issued. Of course, sometimes the patch never comes. Best case scenario, patches are releas...

In cybersecurity, it’s not always the initial breach that causes the most damage — it’s what happens next. Attackers today rarely stop at a single point of entry.

In today’s digital landscape, organizations face relentless cyber threats, with ransomware incidents posing a significant risk.

At a time when cyber threats are increasingly sophisticated, understanding and implementing device hardening is more crucial than ever. Device hardening is an extensive and crucial process i...

The cyber threat landscape has been significantly heightened by the emergence of LockBit 2.0, an advanced and pernicious form of ransomware.

In the fast-paced world of technology, where innovation is a constant, it’s crucial to ensure that our operating systems remain secure.

In the digital age, data protection and security are paramount, especially within the healthcare sector. The National Health Service (NHS) in the UK recognizes the importance of safeguarding...

In the complex world of mergers and acquisitions (M&A), where cybersecurity and compliance are essential, the security of endpoints and the rapid resolution of security gaps are critical...

Our dependence on IT platforms and the need to secure them creates a non-stop challenge. This challenge compounds as organizations encounter the complexities of hybrid work, cloud migrations...

Threat actors are taking advantage of misconfigurations on various devices, such as PCs, laptops, and servers. So much so that according to Microsoft, 80% of successful ransomware attacks ar...

Distributing a macOS software is not an easy task. It requires taking the binary, signing it, packaging it, signing the package and notarizing it.

Cyber Essentials is a cyber security certification that has been designed by the government to make it simple for organizations to protect themselves against common cyber threats.

It's often said that Linux is a more secure OS compared to other OSs in the market. While that's not incorrect, one shouldn't be tempted to think that it Linux is bulletproof.

They say the only constant in life is change — but in IT, every change comes with a cost. Every patch, policy update, or quick fix introduces the risk of misconfiguration. What starts as a r...

Myth: “IPv6 Security enhancements (such as IPsec) makes it safer than IPv4” Truth: IPsec is an end-to-end security mechanism, providing authentication and encryption on the network layer.

Earlier this week, a new zero day arrived, it is called Follina (MS Office CVE-2022-30190) and impacts any organization using Microsoft Office.

It’s been a while since FireEye first announced that they were victim of the now infamous SolarWinds Supply Chain Attack. It's gone down in history as one of the most sophisticated and far r...

Managing configurations, patching, and updating system controls is one of the most notably difficult things that any CISO has to deal with. Yet it is also among the most critical, as systems...

Most often I have found that the issue of addressing the problem is more pressing than simply identifying the threat. We have a massive, multi billion dollar, industry dedicated solely to “s...

It starts with good intentions — a temporary TLS downgrade for a legacy app, a local admin account to solve a quick issue, or a service account exempted from MFA to speed up automation. Seem...

Do threats against your Active Directory keep you up at night? Honestly, they should. Active Directory is critical as it controls access to your systems and data.

Albert Einstein once said, “If I were given one hour to save the planet, I would spend 59 minutes defining the problem and one minute resolving it.”

Odds are you have heard the wisdom that a defense is only as good as its weakest point. Which makes sense. After all, any strong defensive posture can only hold up if there are no fail point...

In the modern Microsoft environment, NTLM (“NT Lan Manager”) is a security threat you should keep an eye on. Especially when it’s about the cloud environment, Microsoft warns you to deny it ...

Attacks are becoming more sophisticated, hackers are becoming smarter, and so should be the defenders. The attacker eyeing your organization is looking for the misconfiguration that will let...

In my previous article I wrote about the importance of monitoring all endpoints in the organization for the existence of cached credentials. In this post, I'm going to explain what you can d...

When hackers are successful in accessing user credentials, they can access the resources of an organization and cause a lot of damage as they move laterally. This normally goes unnoticed as ...

Configuration is a routine part of setting up and maintaining IT environments, serving as the fundamental building block that ensures systems run smoothly and align with organizational needs...