Under attack?

Get in touch

Cybersecurity challenges

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

Essential cybersecurity capabilities

How We Help

Predict

Prevent

Detect

Respond

Recover

Our Services

Are you under attack?

Why Truesec

Who We Are

Cases

Our Experts

Careers

Knowledge and Resources

Events

Tech Talks

Trainings

Blog

News

Knowledge Hub

Main menu

Secure Development May Seem Slow but Usually Pays Off in the Long Run

Secure Development

Secure Development Might Seem Slow, But It Often Pays Off in the Long Run

Find Vulnerabilities in Your IT Infrastructure Before the Threat Actors Do

Threat Hunting

Red Teaming

Skills Needed for an Efficient Cyber Incident Response Team

Incident and Response

IT Asset Management's Role in Information Security Management

Secure Strategy

DarkGate Loader Malware Delivered via Microsoft Teams

CMMC Assessment Takeaways

Cybersecurity

Using Kill Chain Analysis in Ransomware Attacks

Truesec Expands Service Portfolio with Identity & Access Management (IAM)

Today, Truesec announces the appointment of Maja Samuelsson as Chief People &amp; Culture Officer to attract new talent, develop existing expertise, ensure a strong culture, and strengthen leadership in Truesec's growth journey in several markets. Maja started her new role on August 14 of this year.
The cybersecurity company Truesec has had a solid growth journey and is currently in five markets: Sweden, Denmark, Finland, the US, and Germany. Truesec's need to develop existing expertise and attract new talent globally has increased in connection with this growth.
Truesec has appointed Maja Samuelsson as Chief People &amp; Culture Officer to continue to grow and attract valuable expertise. In her new role, Maja will focus on Truesec's key factors to attract new talents and develop existing skills. She will continue to build on Truesec's strong culture and strengthen the company’s leadership, which is constantly growing into new markets and with new insights.
"We are pleased to welcome Maja to Truesec and see that she will be a key person in developing our business to the next step by focusing on our most important resource ‒ our employees. Maja will continue to strengthen our leadership and create the best conditions for our teams to be engaged at work, develop, and live up to our purpose in all countries where we are represented. At Truesec, the commitment and expertise of our employees are in focus. We have an important mission: to prevent and minimize the damage of data breaches, and this mission requires us to take good care of our leaders and teams. Cyber is demanding, and the focus on leadership and our talents allows us to continue to grow and deliver at the highest level to our clients.", says Anna Averud, CEO of Truesec Group.
Maja Samuelsson was educated in the Human Resources program at Uppsala University and came most recently from DigitalRoute, where she held the position of SVP Human Resources for six years. She has also previously been an HR Consultant at Wise Consulting and HR Manager at TP Vision/Philips TV.
"I am very happy to become a part of Truesec, where in my role, I will continue to ensure that we have a strong focus on people, culture, and leadership to enable the company's continued growth journey and international expansion. I look forward to being part of a company with such a strong and clear purpose, which permeates the entire company. Truesec is today an attractive employer, and we will ensure that we continue to be that in all markets where we are represented through a constant drive to develop and become even better for our employees and our customers", says Maja Samuelsson, Chief People &amp; Culture Officer at Truesec Group.
<h3>For media inquiries:</h3>
Jennie Mattar CMO Truesec Email: Jennie.mattar@truesec.com Phone: +46-72 858 88 78
<h3>About Truesec</h3>
Truesec is a global cybersecurity company with a clear purpose: Prevent breach and minimize impact. Since its founding in 2005, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of over 330 dedicated cyber specialists in Sweden, US, Denmark, Finland and Germany – covering the full spectrum of cybersecurity. www.truesec.com

Truesec Appoints New Chief People & Culture Officer

A Victim of the Akira Ransomware

Truesec announces that Alice Leth Sørensen will take on the role of CEO for Truesec Denmark. As a next step to strengthen Truesec’s presence and expertise in Northern Europe, Alice will lead the team in Denmark to secure Danish society against cyberattacks.
The announcement comes following Truesec’s acquisition of Venzo Cyber Security A/S (VCS) in June earlier this year. With the addition of VCS, Truesec’s Danish team today consists of around 40 employees with the cyber expertise to help clients with operational, tactical, and strategic security needs. Truesec is strengthening companies’ cyber capabilities in Denmark across sectors ranging from pharmaceuticals to finance and food and beverage by increasing their capacity to proactively prevent and minimize the impact of cyber attacks in Denmark.
Alice Leth Sørensen co-founded Venzo Cyber Security A/S in 2020; prior to that, she was leading NNIT’s Global Security and SAP area. Alice has over 13 years of experience working with IT security. In the past few years, she has been an integral part of the team that built VCS with a successful go-to-market strategy.
“It’s an honor to welcome Alice Leth Sørensen as CEO of Truesec in Denmark. Alice is a trusted leader in the cyber sector, and I look forward to supporting her and the team to prevent breaches in Denmark. With the rise of cyber threats, geopolitical turbulence, and increased need for cybersecurity capabilities across society, we are expanding continually. Through the acquisition of Venzo Cyber Security, we become an even stronger cyber partner and can make our Nordic societies safer”, says Anna Averud, CEO of Truesec Group.
<blockquote>“Being one of the founders of Venzo Cyber Security three years ago, I’m proud of how we’ve been able to grow the company and the shared expertise that we can offer today. I’m very excited for the next step to keep growing and developing our team as a part of an established and leading cybersecurity company like Truesec to increase impact in Denmark. Our shared cultures, expertise, and vision will strengthen our offering as a trusted partner in the ongoing effort to prevent cyber attacks for all types of companies and organizations across Danish society”, says Alice Leth Sørensen, CEO of Truesec Denmark.</blockquote>
The previous CEO of Truesec Denmark, Morten von Seelen, who was responsible for the company’s growth and presence in Denmark for the past 1.5 years, will take on a global role focusing on developing Truesec’s business and offering.
Alice Leth Sørensen started her new role as CEO of Truesec Denmark at the beginning of August 2023
<h3>For Media Inquiries: </h3>
Jennie Mattar 
CMO, Truesec 
Email: <a href="mailto:Jennie.mattar@truesec.com">jennie.mattar@truesec.com</a> 
Phone: +46 72 858 88 78 
<h3>About Truesec</h3>
Truesec is a global cybersecurity company with a clear purpose: prevent cyber breach and minimize impact. Since its founding in 2005, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of over 330 dedicated cyber specialists in Sweden, the US, Denmark, Finland, and Germany – covering the full spectrum of cybersecurity. www.truesec.com

Truesec Appoints Alice Leth Sørensen as CEO for Truesec Denmark

Improving Business Risk Management in the Cyber Domain

Empowering Threat Detection With Custom Detections in EDR

Managed Detection & Response

Truesec´s acquisition of Venzo Cyber Security A/S, a former Venzo Group company, marks an important step for Truesec on its mission to create a safe digital future, as well as to further strengthen its cybersecurity capabilities.
<blockquote>“The acquisition of Venzo Cyber Security A/S significantly enhances our cyber defense capabilities, enabling us to better protect society from cyber attacks. We are excited to welcome the team to Truesec, as their expertise combined with our cyberspecialists in Denmark will make a significant difference in creating a safer society for all organizations in Denmark and Northern Europe”, says Anna Averud – CEO of Truesec Group.</blockquote>
- We are pleased to have found a new owner for our group company, Venzo Cyber Security A/S, and we are very happy on the team’s behalf. In Truesec, they will become part of a dedicated security firm with a global reach, while VENZO continue to pursue our strategy of delivering large multi-disciplinary digital transformation programs in Denmark and the Nordics, says Søren Luplau-Pagh, CEO of VENZO Group.
- This is a significant step forward and will further strengthen Truesec’s offering in Denmark and the Nordics. At Truesec our ambition is to secure Europe´s society against cyber attacks. With our strong team, we're better equipped to proactively prevent cyber attacks and minimize their impact, says Morten von Seelen, CEO Truesec Denmark.
The acquisition is expected to be completed June 1, 2023.
<h3>Contact us for further information or any inquiries you may have.</h3>
Jennie Mattar CMO, Truesec Email: Jennie.mattar@truesec.com Phone: +46-72 858 88 78
Anna Averud CEO, Truesec Email: Anna.averud@truesec.com Phone: +46-70 918 30 48
Søren Luplau-Pagh Group CEO, VENZO A/S Email: slp@venzo.com Phone: +45 20 28 56 73 
<h3>About Truesec</h3>
Truesec is a global cybersecurity company with a clear purpose: creating a safer society by preventing cyber attacks. Since its founding in 2005, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of over 300 dedicated cyber specialists in Sweden, US, Denmark, Finland, and Germany – covering the full spectrum of cybersecurity. www.truesec.com
<h3>About Venzo Cyber Security A/S</h3>
Venzo Cyber security A/S was founded 2020 as part of Venzo Group, a leader in digital change. Venzo Cyber Security A/S is focused on protecting enterprise and public clients against cyber threats. Today, Venzo Cyber Security A/S has obtained a strong position in the Danish market delivering high quality security advisory, solutions, and managed services.

Truesec Acquires Venzo Cyber Security A/S, a Leading Danish Cyber Specialist Organization

Northern Europe's leading Cybersecurity Center opens its doors in central Stockholm, Sweden. Truesec is the initiator of the center that will deliver state-of-the-art capabilities to meet new and future cyber threats to society. The center is accessible to all societal actors, companies, and organizations and aims to be a platform for innovation, sharing knowledge, and collaboration for jointly increased capabilities in cyber threat detection and cyber defense capabilities. Microsoft and CrowdStrike are some of the significant partners of the Cybersecurity Center. 
The new Cybersecurity Center will be the command center for hundreds of complex incident response operations carried out each year to help companies and organizations investigate, respond, and recover from severe cyber attacks. At the center, the antagonists who threaten Swedish and global interests are tracked and monitored by Truesec’s foremost expertise that today includes more than 300 people in Sweden, Denmark, Finland, Germany, and the United States are engaged in the operation. 
<h2>The Cybersecurity Center: </h2>
<ul><li>provides real-time insights into the threat against Sweden and other countries. </li><li>prevents more than 5,000 cyberattacks per year. </li><li>has full capacity to mitigate, detect and respond to attacks 24/7, 365 days a year. </li><li>supports over 500 organizations and partners by actively protecting critical infrastructure, digital values and assets. </li><li>employs over 300 cyberspecialists </li></ul>
<blockquote>Given the threat scenario that our societies are facing, the center provides us with the conditions needed to be the cyber partner that private businesses and the public sector need to protect their business, competitiveness and digital services against cybercrime, says Anna Averud, CEO of Truesec Group.</blockquote>
The center has an intelligence department that maps and monitors the actors posing a threat to society. There is also a monitoring center that protects hundreds of thousands of systems and computers in critical operations and other organizations around the clock. In addition to defensive capabilities, the center's offensive capabilities can simulate realistic antagonistic attacks, identify vulnerabilities, and train organizations. 
"The Cybersecurity Center is a private contribution to meet Sweden's and other countries need for increased cyber capabilities given the geopolitical situation we are in. The war against Ukraine and geopolitical turbulence have drastically changed the threat landscape for our society and the number of cyberattacks is increasing. Amid this uncertainty, we prevent 17 data breaches every day and handle the most complex cyber incidents in Sweden and elsewhere. As a private player, we can be more energetic, and transparent and move faster than the state-owned national counterpart. Thus, we are an important complement to protect our societies." says Marcus Murray, security expert and Founder of Truesec. 
<h2>Contact us for further information or any inquiries you may have:</h2>
Jennie Mattar CMO, Truesec Email: Jennie.mattar@truesec.se Phone: +46728588878 
<h2>About Truesec </h2>
Truesec is a global cybersecurity company with a clear purpose: Creating a safer society by preventing cyber attacks. Since its founding in 2005, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of over 300 dedicated cyber specialists in Sweden, US, Denmark, Finland and Germany – covering the full spectrum of cybersecurity. www.truesec.com

Northern Europe’s Leading Cybersecurity Center Opens in Stockholm

Introducing LAPSWebUI Enterprise

Infrastructure

Exporting Conditional Access Policies As an End User

Hacktivists Target Denmark in Simultaneous Attacks

Threat Intelligence

With rising geopolitical tension and the heightened risk of cyberattacks, the ability to detect and mitigate potential threats is greater than ever. With organizations worldwide relying on its support, Truesec aims to stay relevant by constantly expanding its global presence and capacity to prevent cyber breaches, which the launch of the new U.S. headquarters will reflect.
<blockquote>I’m excited to announce the opening of our new headquarters in Jacksonville. By continuing to extend the best-in-class MDR service we’ve built in Scandinavia in the U.S. market, we’re combining our global service capacity with a strong local presence. says Tomas Sjöström, CEO of Truesec INC. </blockquote>
<h2>Marketing-Leading Managed Detection and Response </h2>
A key service we’ll be able to expand in the U.S. is Truesec's Managed Detection and Response (MDR) service. Its capabilities are designed to counteract every stage of a cyber attack event chain and control its entirety. That includes active 24/7 attack monitoring and remediation, proactive threat hunting, and counteractive incident response and recovery. 
<h2>Internationally Acknowledged Cybersecurity Company</h2>
Truesec has long been at the forefront of protecting organizations against cyber threats and works closely with law enforcement, the insurance sector, and security organizations worldwide. Truesec's offering includes a broad portfolio of technologically advanced cybersecurity services from a team of dedicated cybersecurity experts. 
<blockquote>There’s a need for real capacity to mitigate threats today, and that’s what we are building in this organization. The expansion into the new U.S. headquarters will help us continue to make meaningful improvements in the state of security, not just for our clients in the U.S., but everyone, says Thomas Sjöström.</blockquote>
<h3>About Truesec Group</h3>
Truesec is a global cybersecurity company with a clear purpose: Creating safety and sustainability in a digital world by preventing cyber breach and minimizing impact. Over the years, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of 300+ dedicated cyber specialists – covering the full spectrum of cybersecurity. 
<h3>For more information, contact:</h3>
Tomas Sjöström CEO Truesec Inc. +1 (904) 441-9873 <a href="mailto:tomas.sjostrom@truesec.com">tomas.sjostrom@truesec.com</a>

Truesec Opens New US Headquarters in Florida

How To Recruit Securely In the Cyber Age

Human Threat Intelligence

In a time of rising geopolitical tension, the cyber threats facing German companies, organizations, and critical infrastructure have reached an all-time high. The country's strong industry and economy make it susceptible to escalating attacks with damaging consequences. Not only are the number of attacks expected to grow in numbers, but also in complexity, severity, and the societal damage they cause. As a result of the increased demand for professional security services in the region, Truesec is therefore establishing local operations in Munich, Germany. 
 – Our partners and clients have long requested Truesec's local presence in Germany and the DACH region. With our track record of assignments in the region and knowledge of the increasing cyber threats facing companies and organizations, launching local operations is a natural next step, says Anna Averud, CEO of Truesec Group. 
<h2>Truesec Incident Response in Germany </h2>
With more services to follow, Truesec is initially launching its Incident Response services to help organizations safely through a cyber attack with minimal impact and operational downtime. <a href="https://www.truesec.com/experts/markus-lassfolk" target="_blank" rel="noreferrer noopener">Markus Lassfolk</a>, Global SVP for Truesecs Incident Response unit, leads the German expansion until local management is in place. – Our goal is always to minimize downtime for clients and bring them back to operations as soon as possible. On average, it takes 23 days to restart a business after a ransomware attack. Truesec's clients are generally back in a considerably shorter time: usually, 3-5 days, says Markus Lassfolk, Global SVP of Truesec CSIRT, and adds:
<blockquote> – Combining the local presence of one of Europe's strongest Incident Response teams with our global network of cyber experts makes Truesec ideally positioned to help organizations prevent, detect, and fight cybercrime. We look forward to continuing our excellent collaboration with our regional partners and customers" </blockquote>
<h3>A Proven Record of Helping Victims Worldwide</h3>
Several of the larger Nordic companies and public sector actors affected by cyber attacks turn to Truesec, whose <a href="https://www.truesec.com/how-we-help/our-services/cyber-security-incident-response-team" target="_blank" rel="noreferrer noopener">Cybersecurity Incident Response Team </a>investigates most of the most severe incidents in Sweden and worldwide. Truesec works closely with the insurance sector, law enforcement, and security organizations worldwide and has local operations in Germany, Sweden, Denmark, Finland, and the US. 
<h3>Victim Of a Cyber Attack? </h3>
<a href="https://www.truesec.com/how-we-help/our-services/cyber-security-incident-response-team">Truesecs Incident Response Team</a> (CSIRT) is available 24/7/365 to help get businesses secured and back up and running as fast as possible. 
<h3>For more information, please contact: </h3>
Markus Lassfolk, Senior Vice President, Truesec CSIRT +46 (0)70 918 30 12 <a href="mailto:markus.lassfolk@truesec.se"> markus.lassfolk@truesec.se</a> 
 
Anna Averud, CEO, Truesec Group	 +46 (0)70 918 30 48		 <a href="mailto:anna.averud@truesec.com"> anna.averud@truesec.com</a>

Truesec Establishes in Germany to Protect Organizations Against Cybercrime

Freely translated nomination:
<blockquote>"With twenty years of experience in information and cyber security, he is often seen in the media in connection with cyberattacks, but he is also the one customers call when the worst has happened. With openness, he shares insights and knowledge about the cyber threats against Swedish companies and organizations in a clear and educational way, making Sweden safer."</blockquote>
Read more about the nomination here (in Swedish &#x1f1f8;&#x1f1ea;): <a href="https://computersweden.idg.se/2.2683/1.776832/de-kan-utses-till-arets-mest-inflytelserika-vid-tech-awards-2023">"De kan utses till årets mest inflytelserika vid Tech Awards 2023 - Computer Sweden"</a>
We are proud to have such a strong and inspiring leader among us, always striving for inclusion and sharing our insights in cyber - and on our joint mission to create a safe and sustainable future. Congratulations on the nomination Marcus!<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Marcus-Murray-Truesec-Group-small.jpeg?w=2999&auto=compress%2Cformat&fit=crop&dm=1677759762&s=5b5bc3eb46815822fb4feb27a92d63fd" alt="Marcus Murray, founder Truesec" /></figure><h4> Marcus' Own Words About The Nomination:</h4>
<cite class="cite">18 years ago, Truesec was founded on my kitchen table in a suburb in Stockholm, Sweden. I still remember it like yesterday, I had a 2-year-old daughter, literally no money, and I had to quit my job and instead take a big credit in the bank to follow a desire to make a difference. Cybersecurity was not really a word, but I had a strong feeling it would be very important in the future, as the digitization of our society was beginning to pick up speed. Today, cybersecurity is essential to maintaining a sustainable society. Truesec has grown since then. Today I am just one of 300 specialists in a multi-national cyber security organization. Day and night we protect our society in a time of war in Europe. We engage in defending critical infrastructure against nation-state antagonists. We monitor 300.000+ systems 24/7/365. We conduct around 200 complex investigations of complex cyberattacks yearly, and bring damaged organizations back to normal. We bring security to public and private organizations and their applications, systems, networks and cloud. We provide threat intelligence and strategic capabilities to leaders, and we develop best-of-breed digital solutions to scale our capability to more regions. What makes me even more proud are ethical values of Truesec. We are a purpose-driven organization. We prevent and minimize the impact of cyber attacks. To ensure that we, for example, put purpose over profit. We believe in gender equality and that it must start from the top, our amazing CEO <a href="https://www.linkedin.com/in/ACoAAAAqs3oBcxUU_yQDAAHbX1qNH0O2vJ0weIE">Anna Averud</a> has recruited some of the most amazing female leaders into our management team, and it’s shaping our organization in amazing ways. We have a very friendly environment where we help each other and the people around us. We have an environment where you can be yourself no matter what. We have an organization where it’s ok to explore and try with the risk of failing since we know that’s how we learn and grow as individuals and as a team. We believe in collaboration with the government, partner organizations, and even competitors for the greater good. While organizations measure themselves by gross revenue and profit, we measure ourselves by the impact and outcome we bring to society. This organization is the result of each and every one in the Truesec organization. It is a true honor to be recognized together with 4 amazing individuals, Pernilla Ramslöv, Stina Ehrensvard, Deqa Abukar, and Erik Slottner. Nominating me, however, is not because of my individual accomplishments. I am only a front for each and every college working at Truesec. Colleges that impress and humble me every day with their achievements. This nomination is, in reality, yours to share! That said, thank you TechSverige, for the nomination and for appreciating all the individuals working for and with Tech in Sweden</cite>.<cite class="cite"> </cite>

Marcus Murray Top 50 Most Influential in Tech 2023

Threat Intelligence Report 2023

Amazon Cognito - A Quick Look Into Token Security

<h3>Russia Most Likely Behind the Attacks Against Sweden</h3>
Truesec’s Threat Intelligence unit has investigated the threat actor group to shed light on its activities and help identify its true motives. Although the threat actor behind the cyber attacks claims to be “Anonymous Sudan,” there are several indications that the attacks are, in fact, part of a Russian information operation. 
<h3>New Truesec Report Shows the True Motives of the Attacks</h3>
<a href="https://www.truesec.com/hub/report/anonymous-sudan-threat-intelligence-report" target="_blank" title="Original URL: https://www.truesec.com/hub/blog/what-is-anonymous-sudan Click to follow link." rel="noreferrer noopener">Truesec has released a new report</a> (published Feb. 20, 2023) that explains how the so-called "Anonymous Sudan" has nothing to do with the online activists collectively known as Anonymous. Instead, it was most likely created as part of a Russian information operation to create fear and uncertainty in Sweden to complicate Sweden’s NATO application.

"Anonymous Sudan": Most Likely Russia Attempting to Disrupt Sweden's NATO Application

Anonymous Sudan: Threat Intelligence Report

What Is Anonymous Sudan?

Increased Risk of DDoS Attacks

How To Prevent Ransomware Attackers From Taking Over Your ESXi 8.0 Hosts

Copiloting the Cyber Threat Landscape in the Travel Industry

Co-Protecting the Next Unicorns

M365 Security Boost

5 Hygiene Hacks for IT: Reduce the Risk of Ransomware

To build long-term resilience against cyber attacks, Truesec launches Attack Prediction Service, a Threat Intelligence service to extend threat monitoring beyond your perimeter into the adversary’s space.
<blockquote>"The criminal underground market for buying and selling access to organizations is rapidly growing. These access brokerages have become essential to the entire cybercriminal ecosystem. Threat groups are actively purchasing access to organizations to scale and speed up their criminal activities." says Christoffer Strömblad, Threat Intelligence Analyst at Truesec. “Today, organizations need to monitor for credential leaks or access brokers selling access to their estate of infrastructure, servers, clients, and users.”</blockquote>
<h2>Build a Strong Cyber Defence With Attack Prediction Service</h2>
The attack timeline is wider than the time from breach to incident response. Attack Prediction Service extends the Attack Prediction Service capability to the outside of your perimeter, to the adversary’s space, taking back the initiative from the attackers. 
Attack Prediction Service provides unique access to a constant stream of relevant and actionable intelligence about threat activity that will enable strategic decisions to build defensive capabilities for long-term resilience against cyber attacks. 
<h3>About Truesecs Attack Prediction Service</h3>
Truesecs APS enables the capability to:
<ul><li>Predict attacks by discovering indications that may lead to an attack, such as typo-squatted domains, newly registered certificates, or targeted attacker campaigns. </li><li>Prevent attacks by reacting when access brokers are willing to buy or sell access to accounts, systems, or entire organizations.</li><li>Discover and respond to leaked credentials.</li></ul>
Learn more about how this service can help your organization build stronger cyberdefense <a href="https://www.truesec.com/how-we-help/our-services/threat-intelligence">here</a>.

Predict Cyber Attacks With Attack Prediction Service

VMware ESXi 8.0 and execInstalledOnly - The Good, the Bad and the Ugly

Public Sector Report - November

Cracking the Chaos Ransomware Family

In a joint quest against cybercrime, Europol, the Dutch National Hi-Tech Crime Unit, and selected IT security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The global initiative No More Ransom helps ransomware victims retrieve encrypted data without paying the criminals. 
<blockquote>For every ransom paid, cybercriminal groups grow stronger. At Truesec, we have a strong track record of helping hundreds of clients recover from ransomware attacks – without having to pay a ransom. By being an active contributor to No More Ransom, we can help more victims with our technical expertise and help them minimize the damage from cyber attacks, says Markus Lassfolk Vice President of Truesec Incident Response.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/Users/markus-lassfolk.jpg?w=3090&auto=compress%2Cformat&fit=crop&crop=focalpoint&fp-x=0.498&fp-y=0.458&dm=1634307693&s=bc7cb9465c84f46b3d6d2ba06fe5ec5f" alt="Markus Lassfolk, Vice President, Truesec Incident Respons" /></figure>
Markus Lassfolk, Vice President of Truesec Incident Response.
The cybersecurity company Truesec has been appointed as Associate Partner after contributing to the development of the new unique decryption tool and keys for the Chaos ransomware family, which will help thousands of victims retrieve encrypted data and valuable information. Truesec has been at the forefront of fighting cybercrime for many years and has extensive experience managing some of the most significant and complex incidents worldwide.
<blockquote>At Truesec, we know firsthand what devastating impact ransomware attacks have on organizations and critical infrastructure. We are happy to contribute to the No More Ransom initiative and welcome any collaboration that helps create safety for our societies. This is a fight we must win together, says Anna Averud, CEO of Truesec Group.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Anna-Averud-CEO-Truesec-Group.jpg?w=2000&auto=compress%2Cformat&fit=crop&dm=1670431229&s=34f79a55dd181dd1e3e5bd7435d36959" alt="Anna Averud, CEO, Truesec Group" /></figure>
Anna Averud, CEO of Truesec Group.

<h4>About No More Ransom </h4><figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/logo_no-more-ransom_Logo-full-blue.png?w=1771&auto=compress%2Cformat&fit=crop&dm=1670575566&s=c57885aced19c16b50686636b4949b77" alt="No More Ransom" /></figure>
No More Ransom, launched in July 2016, is a collaboration between Europol, the Dutch National Hi-Tech Crime Unit, and selected IT security companies, helping ransomware victims retrieve encrypted data without paying the cyber criminals.
Read more here: <a href="https://www.nomoreransom.org/">https://www.nomoreransom.org/</a>

Truesec Joins Forces With Europol To Fight Cybercrime

Swedish Energy Sector Report - October

In Times of Espionage and War – The Ethics of Security Vetting

Swedish Manufacturing Industry Report - September

How Much Money Should You Invest in Preventive Cybersecurity?

Holistic Cybersecurity – From Assessment to Strategy

Fortinet CVE-2022-40684 Vulnerability From an Incident Response Perspective

People Change Over Time − So Does the Human Threat Risk

To help strengthen Danish organizations' cyber resilience, reduce risk and limit the consequences, Truesec and WTW in Denmark have developed a new service for all insurance clients launched in 2022. WTW Cyber Defender covers the entire spectrum from prevention to insurance to crisis management.
<h3>Strengthened Cybersecurity With Truesec and WTW Cyber ​​Defender</h3>
WTW Cyber ​​Defender covers the entire spectrum from prevention to insurance to crisis management, with Truesec and WTW each contributing their unique expertise – Truesec in cybersecurity and WTW in cyber insurance. WTW Cyber ​​Defender contributes to reducing the risk of a cyber attack and limiting the consequences.
“We have combined our strengths and created WTW Cyber ​​Defender, which consists of six sub-elements, each of which helps to strengthen a company's cybersecurity. All combined, these elements provide the best prerequisite for preventing damage and avoiding loss due to data security breaches for companies in Denmark,” says Morten von Seelen, CEO ofTruesec A/S.
Read more about <a href="https://www.wtwco.com/-/media/WTW/Insights/2022/10/wtw-cyber-defender.pdf?modified=20221004092528" target="_blank" rel="noreferrer noopener">WTW Cyber Defender here.</a>
<h3>About WTW</h3>
WTW is Denmark's most prominent independent insurance adviser, with more than 35 years of experience in the Danish market. Today, it has over 400 employees in offices throughout the country.
WTW has local and global experts in cyber insurance and can tailor insurance programs for companies in all industries. WTW also provides advice and guidance in claims cases and looks after the company's interests vis-à-vis the insurance company. 

To learn how WTW Cyber ​​Defender can improve your organization’s cybersecurity, contact: <a href="mailto:cyberdefender@willistowerswatson.com">cyberdefender@willistowerswatson.com</a>.
Web: <a href="http://wtwco.com/">http://wtwco.com</a>
<h3>About Truesec</h3>
Truesec is a global cybersecurity company with a clear purpose: Creating safety and sustainability in a digital world by preventing cyber breach and minimizing impact. Over the years, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of 250+ dedicated cyber specialists covering the full spectrum of cybersecurity. <h4>Contacts</h4>
Morten von Seelen, CEO Truesec A/S: <a href="mailto:morten.von.seelen@truesec.com">morten.von.seelen@truesec.com</a>
Web: <a href="http://www.truesec.com/">www.truesec.com</a>

Reduce the Risk of Cyber Attacks With Truesec and WTW's Cyber Defender

Cyber threats continue to rise, and the demand for qualified cybersecurity expertise is greater than ever. Truesec is the market-leading cybersecurity company in Sweden, with established operations in Denmark, Finland, and the US, with more regions joining soon.
<h2>Erik Jönsson, New Managing Director for Truesec Sweden</h2>
To lead Truesec Sweden, Erik Jönsson has been recruited as Managing Director starting on October 3, 2022. Erik has extensive experience in cybersecurity and has previously worked at Trend Micro.
<blockquote>"Truesec really stands out with its strong culture and dedicated experts. I'm incredibly proud and happy to join a company that consistently and passionately works towards a common goal – to prevent cyber breach", says Erik Jönsson, Managing Director of Truesec Sweden.</blockquote>In 2018, Anna Averud took over as CEO of the cybersecurity group. She has since then, together with the leadership team, established Truesec's managed services, developed the portfolio of consulting services and increased its incident response capacity. Today, Truesec has the largest dedicated Incident Response team in the Nordics and has tripled its turnover in the last three years (in 2021, turnover was 300M SEK). To focus on her role as Group CEO, Anna Averud is handing over operational responsibility for Truesec Sweden to Erik Jönsson.
<blockquote>"Welcoming Erik to our team feels fantastic. His leadership and knowledge in the industry will strongly benefit our customers and take Truesec to the next level together with the team", says Anna Averud, CEO of Truesec Group. "Local leadership in combination with relevant services is central to Truesec Sweden, and the establishment of Truesec in new regions."</blockquote>
<blockquote>"With large investments in our range of services and solid delivery capacity, Truesec is in an attractive position to meet the market's growing need for cyber protection. In Sweden today, we are 220 employees. Within a couple of years, we will double our capacity. It's required if we're to be the number one cyber partner", says Erik Jönsson.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Erik-J%C3%B6nsson.jpg?w=3000&auto=compress%2Cformat&fit=crop&dm=1664982167&s=c91f3dc2f2f8717808be328049bf8685" alt="Erik Jönsson" /><figcaption>Erik Jönsson, Managing Director Truesec Sweden.</figcaption></figure>

Truesec Strengthens Its Position in Sweden

Manage and Reduce Cybersecurity Risk with NIST Cybersecurity Framework

“We are honored to be recognized as one of the world’s top managed security services providers by MSSP Alert.” says Tomas Sjöström, CEO of Truesec Inc.<blockquote>"As exciting as this recognition is for Truesec as a company, it's highly reflective of our aim to always stay at the forefront of protecting organizations against cyber threats", Thomas Sjöström says. </blockquote><h3>6th Annual List &amp; Research Identifies Leading MSSPs Worldwide </h3>
The rankings are based on MSSP Alert’s 2022 readership survey combined with the site’s editorial coverage of MSSP, MDR, and MSP security providers. The sixth-annual list and research track the MSSP market’s ongoing growth and evolution. "MSSP Alert congratulates Truesec on this year's honor. The MSSP Alert readership and Top 250 honorees continue to outpace the cybersecurity market worldwide", says Joe Panettieri, editorial director of MSSP Alert. <h4>About CyberRisk Alliance </h4>
CyberRisk Alliance (CRA) is a business intelligence company serving the high growth, rapidly evolving cybersecurity community with a diversified portfolio of services that inform, educate, build community, and inspire an efficient marketplace. <a href="https://www.cyberriskalliance.com/">Learn more</a>.

Truesec Named to MSSP Alert’s Top 250 MSSPs List for 2022

Vulnerabilities in Microsoft Exchange (CVE-2022-41040, CVE-2022-41082)

How Secure Boot Protects Your VMware ESXi Hosts Against Persistant VIB Threats VIRTUALPITA and VIRTUALPIE

Espionage in the 21st Century – How Do We Predict and Prevent This Growing Threat?

Prevent Insider Threats From Getting a Foothold With Security Vetting

Organizations today are challenged to keep up with the rapidly growing cybercrime, and Finland is no exception. To help more companies prevent cyber breaches, Truesec continues its journey in making leading cybersecurity expertise available in multiple markets.
Leading Cybersecurity Expertise in Finland and the Nordics
Backed by its financial partner, IK Partners, Truesec now expands to Finland with a handpicked Finnish team of cybersecurity specialists. Truesec Oy will offer leading cyber expertise and solutions in Finland to help organizations prevent and respond to data breaches Expanding into the Finnish market will provide organizations with local support backed by Truesec's strong Nordic presence and capacity. 
<blockquote>Now, with Truesec in Finland, and backed by a team of 250 dedicated cybersecurity experts, we’ve greatly increased our capacity to protect Finnish organizations and respond to cyber attacks. Our combined resources give us a leading edge in preventing cybercrime in Finland and globally,” says Sami Laiho, Chief Research Officer, Truesec Oy.</blockquote>
New CEO Matti Vainio will, together with his experienced team, focus on growing and steering the Finnish operations guided by Truesec's purpose: Preventing cyber breach and minimizing impact.<blockquote>I look forward to leading the expansion of our Finnish business", says Matti Vainio CEO of Truesec Oy. “Having a local team of experienced cybersecurity experts, combined with Truesec’s strong Nordic presence and capacity, gives us an advantage in the current market. In Sweden, Truesec is the first choice when it comes to cybersecurity. Our goal is to become preferred cyber partner in Finland as well.”</blockquote>
Truesec Continues To Strengthen Its Presence in Europe
Cybersecurity is essential for all organizations to protect their digital assets, maintain service availability, and ensure operations. To meet the growing demand for cybersecurity abilities, Truesec's focus in the past years has been on increasing capacity and broadening its portfolio of cybersecurity solutions. Today, the cybersecurity group is established in the Nordics, Europe, and the US, helping organizations worldwide to prevent cyber breaches.
<blockquote>Given the increased complexity and impact of cyber attacks today, there’s a growing need for cybersecurity expertise to protect businesses and our society. Establishing operations in Finland is a natural development for Truesec, and Sami and Matti’s unique expertise and experience will have great value to our customers in Finland", says Anna Averud, CEO of Truesec Group.</blockquote>

Truesec Launches in Finland With Top Cybersecurity Experts

Through the collaboration, Dustin will strengthen its "Modern Workplace" service by adding Truesec's managed security service Detect and Disarm, which actively monitors and protects customers’ IT environments by detecting and identifying threats and attacks. If any abnormal events are detected, the attackers are stopped, and the company's operations can continue without interruption.
<h3>Small and Medium Businesses Are Exposed to Cyber Threats</h3>
The number of cyber threats and data breaches has increased in recent years, and the growing security challenges are many. Not least, because many businesses are exposed to data breaches and fraud without knowing it. Small and medium-sized companies are exposed to the same risks as larger ones but often do not have the same opportunities to invest in their IT security.
<blockquote>We are very proud and happy to now be able to offer our customers increased security at an attractive price. Truesec is one of the leading security companies in the Nordics with leading expertise in cybersecurity. Together, we are now doing something wholly unique and filling a need in a way that no other actor does today”, says Rebecca Tallmark, EVP SMB Nordic, Dustin.</blockquote>
Dustin's strengthened security offer, "Modern Workplace," will be launched throughout the Nordics on September 2, 2022.
<blockquote>“We are proud and happy about Dustin's trust in choosing us as a security partner. We see an increase in inventive and brutal attacks against businesses of all sizes, and together we’ll increase cybersecurity by making our services available to more organizations. It motivates us greatly as we aim to help organizations and society prevent data breaches", says Anna Averud, CEO of Truesec Group.</blockquote>
<h4>About Dustin:</h4>
Dustin is a leading online-based IT partner in the Nordics and Benelux. They help their customers stay ahead by providing the right IT solutions for their needs, offering approximately 280,000 products with associated services to companies, the public sector, and private individuals. Dustin Group has about 2,400 employees and has been listed on Nasdaq Stockholm since 2015, with its headquarters in Nacka Strand just outside central Stockholm in Sweden.
<h4>Contact:</h4>
Karin Tränk Press &amp; PR Manager press@dustin.se +46 73 850 54 85

Truesec and Dustin Increase Security for Small and Medium-sized Businesses

The Beautiful Peruvian Jeweller That Turned Out to Be a Russian Spy

Hybrid Warfare and the Effects of Hybrid Threats on Cybersecurity

Russian Hacktivism

Stopping the Insider Threat at the Gate

Enterprises deploy Industrial IoT/OT solutions to enable data-driven automation. These solutions are at the core of a connected business; it’s the key enabler for efficient manufacturing, predictive maintenance, smart buildings, energy optimization, and many more use-cases.
Industrial IoT/OT (IIoT/OT) comprises hardware and software that monitors and controls industrial equipment, assets, processes, and events in real-time. The ecosystem of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), Remote Terminal Units (RTU), and Programmable Logic Controllers (PLC) are critical to ensure the operational efficiency and uptime within manufacturing and connected industries.
Industry 4.0 paves the way for more connected industries. This means more exposure of critical infrastructure to cyber threats, which in turn increases the risk of operational outages, both for enterprises and society as a whole.
The attacks on IIoT/OT environments are increasing, and we believe it will continue to be the trend for years to come, in essence, a rotation from attacking enterprise IT environments to attacking what is the backbone of industrial business operations: the OT environments.
Generally speaking, we believe that the expertise and focus on cybersecurity within IIoT/OT is not at the level it needs to be, especially not in relation to the potential impact significance of a breach.
There are a few key challenges we see that make up the cybersecurity dilemma for IIoT/OT environments:
<ul><li>Lack of monitoring and insight into industrial networks</li><li>Systems have many legacy devices running unpatched software with limited ability to be updated</li><li>Networks aren’t isolated from the enterprise IT networks</li><li>Networks aren’t properly segmented in between</li><li>Traditional IT EDR/NDR solutions don’t understand industrial protocols, limiting detection possibilities</li></ul>
Most importantly, we believe that the fear of operational outage limits the willingness to upgrade hardware/software in production environments. Hence, we’re pleased to share with you that our new service has zero performance impact on existing operational IIoT/OT environments.
Our new service, Detect and
Disarm for Industrial IoT/OT, extends our SOC with IIoT/OT-aware behavioral analytics and threat intelligence.
Through agentless NDR monitoring, we bring full visibility into assets and risks in your Industrial IoT/OT environments to enable real-time threat monitoring.
In addition to 24/7/365 managed detection of your IIoT/OT environment, we also bring insights into:
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/detect_disarm_iiot_ot_capabilities.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1654256599&s=b6cfaa30f31a774b74adb499d0898465" alt="" /></figure>
This service is seamlessly integrated with all our existing EDR and XDR services to enable interoperability across IT-IoT-OT and a holistic detection; however, it can also be provided as a separate service in those scenarios where it’s needed.
Don’t hesitate to contact us if you want to discuss the IIoT/OT cybersecurity needs for your particular business.
<a href="https://www.truesec.com/service/detect-disarm-for-industrial-iot-ot">Click to Learn More</a>

Introducing Detect and Disarm for Industrial IoT/OT

The Importance of Detecting Cyber Threats Before Operations are Impacted

Take Immediate Action to Mitigate Cyber Incidents

The Importance of a Holistic Cybersecurity Approach

Cyber attacks are continuing to increase at a worrying pace globally; at the same time, the adoption of IoT (Internet of Things) continues to lead the way for industry digitalization and transformation. We believe that the demand for security and advisory services within the IoT domain will grow dramatically because of the need to protect critical infrastructure from breach and outage.
With the number of reported IoT vulnerabilities skyrocketing exponentially in recent years and 57% of already deployed IoT devices being vulnerable to medium- or high-severity attacks, we believe it’s time to act.
<h3>IoT Is Everywhere </h3>
IoT today is seen everywhere, in all industries, and installations are growing at an exceptionally fast pace, expected to surpass almost 20 billion connected IoT devices globally by the end of 2022, a doubling in just a few years. This means that any elevator, digital lock, industrial production line, and other critical infrastructure is already or will be exposed to the internet.
Enterprises deploy IoT solutions to understand how their products are being used and to be able to make data-driven decisions to optimize operational efficiency. While IoT can enable significant business optimization, it certainly comes with risks. IoT security is today remarkably neglected; Truesec wants to contribute to a mindset shift to bring cybersecurity to the top of the IoT and digitalization agenda.															 







<h3>Dedicated IoT Cybersecurity Unit Ready To Help</h3>
We have appointed Patrik Axelsson as CEO for Truesec IoT. He will lead the way for the
dedicated business unit that focuses exclusively on services and advisory for IoT cybersecurity.

The commitment to the mission of preventing cyber breach and minimizing impact is at the core. We provide a tailored set of services and advice to support enterprises in building secure and sustainable IoT. Whether the enterprise is new to IoT or has a fully operational global IoT deployment, we work with companies of all sizes in any industry.

Truesec Launches IoT Cybersecurity Domain

Ransomware Attacks Linked to Russian Sanctions

Spring4Shell/SpringShell Spring Remote Code Execution Vulnerability: Impact and Response

How Do Red Teams Legally Hack Into Banks?

Analysis of CaddyWiper - Wiper Targeting Ukraine

Anticipating a Russian Cyber Response to Economic Sanctions

10 Recommendations To Prepare for an Escalating Cyber Conflict

Understanding the Value and Use of Threat Profiles

FIN12/Conti Syndicate Use TeamTNT Tools in Ransomware Attacks

Increased Cyber Threat to Critical Infrastructure

Cybercriminals Operate 24/7 – So Do We

Detect and Disarm

A First Step Towards Building a Cyber Threat Intelligence Capability

Threat Intelligence Report 2022

Threats to the Swedish Financial Sector in 2021

Current cyber threat situation in Sweden

Cybercriminals are becoming increasingly efficient at exploiting vulnerabilities to gain access to environments, forcing organizations to assume a breach mentality going forward. The speed of the attacks, from the initial foothold to when the attackers reach their goal, has increased. In less than 24 hours after the initial breach, threat actors can obtain full administrative privileges, which means complete control over the victim's network and IT infrastructure. 
<h3>Some Key Findings in our Threat Intelligence Report:</h3>
<ul><li>Ransomware remains the most significant and serious threat to medium and large companies. The number of ransomware attacks in 2021 increased by 26% compared to 2020. </li><li>The increase in the number of cyber attacks is due to the fact threat actors are now using automated tools that enable quicker attacks. Additionally, they recruit less-skilled affiliates that need only follow ready-made instruction manuals to act.</li><li>A majority of intrusions in 2021 began with threat actors exploiting known vulnerabilities in public-facing systems. Cybercriminals can quickly leverage such exploits in mass attacks against unpatched systems. </li></ul>
<h2>Know How to Protect Your Organization in the Coming Year</h2>
In our <a href="https://www.truesec.com/hub/report/threat-intelligence-report-2022" target="_blank" rel="noreferrer noopener">Threat Intelligence Report 2022</a>, you'll find actionable insight into the current threat landscape in Scandinavia and globally and advice on how to prioritize your cybersecurity efforts in the coming year. 
Our suggested priorities and cybersecurity recommendations are based almost entirely on responding to real incidents and stopping attacks during 2021. We have delved into every one of them to fully understand the root causes, what could have prevented the breaches, and minimized the impact.

Cybercriminals Have Shifted Tactics to Increase Profit

What Do Drones Have To Do With Social Engineering and Recruited Spies?

State-Sponsored Cyber Attacks Against Ukraine

Vulnerability Analysis of CVE-2022-21907 - HTTP Protocol Stack RCE

Organizations today are challenged to keep up with the rapidly growing cybercrime, given the increased complexity and impact of cyberattacks. In addition, with an ever-evolving threat landscape, there is a growing need for cybersecurity abilities to protect businesses against data intrusion. 
To help more organizations prevent cyber breaches, Truesec's focus has been increasing capacity and broadening its portfolio of cybersecurity solutions in the past years. Backed by its new financial partner, IK Partners, Truesec now sets off in Denmark together with a handpicked Danish team of cybersecurity experts. The expansion into the Danish market will give the organizations local support backed by a strong Nordic presence. 
Truesec A/S will, through its expertise in cybersecurity, offer increased cyber resilience through threat intelligence-driven services, active IT surveillance, and incident response. Morten von Seelen and his experienced team will steer the Danish operations guided by Truesec's common purpose: Preventing cyber breach and minimizing impact. 
<blockquote>Our goal is to secure companies established in Denmark from cyberattacks and minimize impact. Having a team of experienced Danish incident responders and 24/7 monitoring in the Nordics gives us an advantage in the current market. Our team has been a part of many of the biggest incidents in the Nordics in the past years. Combined with Truesec’s total capacity, it will become a real game-changer for our customers in Denmark. Morten von Seelen, CEO of Truesec A/S.</blockquote>

Truesec Strengthens European Presence – Expands into Denmark

Log4j/Log4Shell Explained - All You Need to Know

Using a Legitimate Application to Create Persistence in Your Azure Active Directory

Log4j - How To Secure Your VMware Horizon, UAG and vCenter Servers Against the Log4Shell Vulnerability (CVE-2021-44228)

Log4Shell / Apache Log4j Injection Vulnerability CVE-2021-44228: Impact and Response

Common Active Directory Misconfiguration

This long-term partnership gives the Red Cross access to Truesec's full range of services and cybersecurity expertise. The organizations will also be collaborating on development projects, during which the Red Cross will offer Truesec its insight and know-how. 
With the ongoing digital transformation, IT and information security are becoming increasingly important for the Red Cross. The organization's ability to provide emergency assistance and disaster relief worldwide is dependent upon the robustness of its IT systems and security of its data.
“We are the world's foremost disaster organization. Our capability to provide relief in a crisis depends on our ability to communicate with each other as well as having access to the right information. As an increasingly digital organization, we need to reinforce our IT and information security. Therefore, we have chosen to enter a partnership with Truesec to develop and strengthen our cybersecurity capabilities in a structured way”, says Martin Tägtström, CIO at the Swedish Red Cross. 
The partnership is based on a mutual commitment toward a safer and more secure world. By supporting the Red Cross, Truesec is advancing its mission of a secure digital future. 
“We look forward to contributing to the Red Cross' important work. They make a true difference to so many in need, and we are grateful for their trust”, says Anna Averud, CEO of Truesec Group.

The Red Cross Calls on Truesec to Strengthen Its Security Posture

ProxyShell, QBot, and Conti Ransomware Combined in a Series of Cyber Attacks

In IK Partners we find our ideal partner to support our vision. Together, we commit to our mission, and endeavor to continuously protect organizations and society from cyber threats. 
“We firmly believe that a partnership between Truesec and IK Partners will form a solid basis for capturing value creation opportunities across several dimensions, specifically helping us to further solidify the Group’s market position in the Nordics as well as expand its presence outside current core markets.”, says Anna Averud, CEO Truesec Group.
Read our <a href="https://press.truesec.se/posts/pressreleases/truesec-announcing-a-new-financial-partner">press release</a> in our newsroom.

New Financial Partnership Announcement – Truesec and IK Partners

<h2>Highest Perceived Value in Relationship with Their Customers</h2>
The result from market research company Swedish Radar Ecosystem Specialist's report on IT security vendors (“IT-säkerhetsspecialister, tillit och varumärkeskännedom 2021”), puts Truesec as number one in perceived value in the relationship with their customers.
A total of 321 respondents (IT decision-makers) were asked the question about which suppliers transfer the highest value in relationship with their customers (i.e., perception of value in the relationship). The response was that a large majority (72%) of all respondents viewed Truesec to provide the highest value.
See below results for details (in Swedish):
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/Radar-Ecosystems-Specialists-2021-Report-Page-Emotionell-leverant%C3%B6rsutv%C3%A4rdering.PNG?w=1240&auto=compress%2Cformat&fit=crop&dm=1636025270&s=3cb23f41b50ec99a5d9f1174abe10311" alt="From Radar Ecosystem Specialists Report" /></figure>
To access the full report please visit <a href="https://radareco.se/" target="_blank" rel="noreferrer noopener">Radar Ecosystem Specialists webpage</a>.

Truesec Top-Rated by Clients in Perceived Value

Back in Business After the Largest Ransomware Attack of All Time

Swedish Red Cross on Staying Compliant Through Sensitive Data Breach

UAParser.js npm Package Supply Chain Attack: Impact and Response

Supply Chain

Kaseya Supply Chain Attack Targeting MSPs to Deliver REvil Ransomware

A Ciso's Guide to Incident Readiness

Threat Intelligence Report 2021

This helps reduce the risk of being affected both by mistakes in development and, for example, vulnerabilities in third-party dependencies. Additionally, a secure coding standard increases the ability to introduce effective static code analysis (SAST) and can simplify debugging by reducing the number of potential pathways in code.
In this training, we either present general recommendations on patterns or adapt the recommendations to the frameworks and languages in use.
This training can be performed on-site or remotely.

Secure Coding Patterns

Guidelines to Help Companies Strengthen Their Cybersecurity

Chief Technical Officer, Truesec Group

Hacker and Creative

Senior Technical Architect

Principal Forensic Investigator and Cybersecurity Expert

Stories From the CSIRT Front Lines

Technical Director of Development

Chief Innovation Officer (CINO)

Managing Threats and Vulnerabilities From Third-Party Dependencies

The knowledge level of the teacher and the ability to convey knowledge raises you high above other companies! There is a passion for the topic that makes it always the latest and with the best advice that comes with the teaching.

We provide you with world class experts at our training sessions.

Our experts

World Class Cybersecurity Expertise

Truesec trainings

Cybersecurity Training To Improve Your Technical Skills

Senior Infrastructure Specialist

Senior Consultant Infrastructure

In this lecture-style class developed and presented by Marcus Pettersson (Senior Consultant), together with Viktor Hedberg (Senior Consultant Secure Infrastructure), you will learn how to protect and defend identities, devices, and data using the latest features in Microsoft 365. By understanding how the different products work and integrates with each other, you will see several new opportunities you may already have access to in your M365 subscriptions.
The training is divided in to four sessions, each covering different aspects of M365. The Sessions are held online at 3 pm to 5 pm CET. All sessions are presented in English.
First session will focus on Azure AD, where we will talk about the importance of Zero trust and why you need to change many of the default settings in Azure AD to secure your identities.
Second session will cover how to protect your infrastructure using Microsoft 365 Defender. We will cover the different defender services to ensure that we can protect our endpoints and identities from threats and how we can use the capabilities of M365 Defender to investigate suspicious activity in the environment.
Third session will focus on endpoints and how we can ensure that our devices can be secure and managed in the new hybrid work era. We will look at how Intune can help us secure both desktop and mobile operating systems.
Fourth session, we will look at the compliance features within Microsoft 365. Many organizations store sensitive information in Office 365, which makes it important to ensure that the information does not end up in the wrong place. We will use Microsoft Purview services to classify and protect sensitive information.
After these sessions, you will have a unique and deep understanding of the threat-protection and compliance stack in Microsoft 365, how you can leverage it in your own environment, and prepare for when the worst happens.
<h2>Course description:</h2>
<h3>Session 1 – Securing Azure AD</h3>
Azure AD is the identity platform used by all Microsoft 365 services. In this module you will learn why it’s so important to have good security controls in place and how to configure Azure AD to ensure your users and sign-ins are protected.
<ol><li>Why the default settings in Azure AD needs to be changed.</li><li>Start your Zero Trust journey with Conditional Access.</li><li>Secure your MFA registrations.</li><li>Understand the possibilities (and dangers) with Enterprise Applications.</li><li>Protect your sign-ins with Identity Protection.</li><li>Protect your administrative roles with Privileged Identity Management.</li><li>Understand why logging is so important and how Azure AD logs will help your investigations.</li></ol>
<h3>Session 2 – Understanding Microsoft 365 Defender</h3>
Microsoft 365 contains a lot of powerful security features. Microsoft 365 Defender is a collection of multiple security services aimed at different parts of your IT infrastructure. In this module, you will learn how the Defender suite help to secure your modern workplace and how to get the most out of the services.
<ol><li>Protect your Endpoints with Defender for Endpoint.</li><li>Get insight in your domain controller traffic with Defender for Identity.</li><li>Ensure that your organization is protected from e-mail originating threats with Defender for Office365.</li><li>Monitor and control your cloud application usage with Defender for Cloud Apps.</li></ol>
<h3>Session 3 – Protect your endpoints with Microsoft Endpoint Manager</h3>
With the new hybrid-work era, it’s important to have good management abilities on your endpoints wherever in the world they are located and weather you are using Windows, Mac, iOS, or Android devices. All of them needs to be managed and monitored so your users can feel safe while performing their day-to-day work. In this module, you will learn how Endpoint Manager can be used to properly manage and enforce security controls across your device platform.
<ol><li>Configure Windows Autopilot.</li><li>Onboard your mobile devices.</li><li>What is Apple Business Manager and why is it important?</li><li>Enforce security settings to your devices.</li><li>Safeguard your corporate data on private and corporate owned mobile devices.</li><li>Use your devices to strengthen your Zero Trust configuration.</li><li>Ensure that only the devices you approve can be enrolled. </li></ol>
<h3>Session 4 – Compliance in Microsoft 365</h3>
With a lot of potential sensitive information used and stored within Microsoft 365, it’s important as an organization to ensure that this information does not end up in the wrong hands. In this module you will learn how to use the available Purview compliance features to protect your sensitive data.
<ol><li>How Microsoft Purview Information Protection will classify and protect your documents and email messages.</li><li>Use Purview Data Loss Protection to prevent information leakage to external parties.</li><li>What is in-place and litigation hold and when should you use it.</li><li>Understand how eDiscovery will help you to investigate mailbox, Teams, and SharePoint activities in your own environment.</li></ol>
Why it is so important to enable the Unified Audit Log, and how should you use it in case of a breach.
 
<h4>Quick facts / FAQ:</h4>
<ul><li>What language will be used? All sessions are held in English.</li><li>Will you receive a recording after the sessions? Yes, a recording of the session will be available for download after the session.</li><li>We are a couple of colleagues who would like to participate, can we purchase one ticket and join from a conference room? Tickets are priced per person, so all participants need to purchase their own. But joining from a conference room with colleagues sounds great!</li><li>Can you join onsite at Truesec premises? No, this is a remote only session.</li></ul>

M365 Security Boost | Price: 7500 kronor (SEK) | Dates: August 22, 23, 29, 30 | Time: 15:00-17:00 (GMT+1) | Virtual

M365 Security Boost | Price: 750 dollar (USD) | Dates: August 22, 23, 29, 30 | Time: 9am-11am (EST) | Virtual

M365 Security Boost | Price: 7500 kronor (SEK) | Dates: March 22, March 29, April 19, April 26 | Time: 15:00-17:00 (GMT+1) | Virtual

M365 Security Boost | Price: 750 dollar (USD) | Dates: March 22, March 29, April 19, April 26 | Time: 9am-11am (EST) | Virtual

We use OWASP Juice Shop as a training ground. We'll discuss mitigations and how you can avoid the vulnerability class when developing using patterns and best practices for select sets of vulnerabilities.
In this training, we'll start by utilizing the developer console in a web browser and continue to show examples of simple DAST usage (Dynamic Application Security Testing) and tools that can be used to simplify vulnerability discovery.
 
This training can be performed on-site or remotely.

Application Security Testing and Mitigation for Developers and Testers

In this lecture-style class developed and presented by Viktor Hedberg, Senior Consultant at Truesec and Microsoft MVP, alongside Marcus Pettersson, Senior Consultant at Truesec, you'll learn how to protect and defend identities, devices, and data using the latest features in Microsoft 365. By understanding how they all fit together and can be integrated, you'll realize the opportunities you may already have access to in your M365 subscriptions.
We'll begin with hybrid Identity, including Defender for Identity and Identity Protection, and then move through Defender for Office 365. This will allow us to protect access to data and ensure that we have a first line of defense against malware and phishing attempts.
Next up, we'll secure our endpoints with Defender for Endpoint and Microsoft Endpoint Manager. The focus will be on Windows, but we'll cover Linux, macOS, Android, and iOS because that's the reality for many IT administrators out there today.
Once we've implemented our first line of defense, it's time to combine them all into Microsoft Cloud App Security and Microsoft Threat Protection. You'll learn how Cloud App Security integrated with MDE can give you complete control of your Shadow IT and how it becomes your hub for security. We'll also share how you can collect logs from all these tools, and others, into Azure Sentinel, showing you how to use a SIEM in the most efficient way.
Lastly, we'll put all of this to the test by running simulated attacks and defending against them. You'll also be given a unique insight into how Truesec works proactively to protect our customers. The grand finale is all about being prepared for when the worst happens and how you should handle an IT breach or attack. We'll share the best approaches from our Incident Response team so that you can be more prepared.
When you've finished the class, you'll have a unique and deep understanding of the threat-protection stack in Microsoft 365, how you can leverage it in your own environment, and prepare for when the worst happens.
<h3>Course Outline</h3>
Cloud Protected Identities
<ul><li> How to properly configure Azure AD Connect and why you should</li><li> Microsoft Defender for Identity (MDI)</li><li> Azure AD Identity protection</li><li> Multi-factor authentication</li><li> Privileged Identity Management</li></ul>
Threat Protection in Office 365 and Azure 
<ul><li> Microsoft Defender for Office 365 (MDO)</li><li> Data security and compliance</li><li> Microsoft Cloud App Security – Introduction</li></ul>
Protect and Defend Your Endpoints
<ul><li> Microsoft Defender for Endpoint (MDE)</li><li> Windows 10 security and hardening</li><li> Protecting Linux and MacOS</li><li> Mobile Device Management using Microsoft Intune</li><li>Compliance and reporting</li></ul>
Integrations and Log Management
<ul><li> Microsoft Threat Protection</li><li> Auditing and security in Office 365 and Azure</li><li> Microsoft Cloud App Security (MCAS) – Deep-dive</li><li> Azure Sentinel</li></ul>
Real-Life Cybersecurity
<ul><li> Using MCAS to control shadow IT</li><li> Introduction to threat hunting in Azure Sentinel and MDE</li><li> Attack simulations</li><li> Incident response in real life</li></ul>
 
<h3>The Fine Print</h3>
Level 300
<h4>Who Should Attend</h4>

IT security engineers 
IT security architects 
Device Administrators 
Workplace architects
<h4>Prerequisites</h4>
Understanding of Active Directory and Azure Active Directory 
Understanding of especially Windows 10, authentication, and security features 
Basic understanding of Microsoft Azure services 
Understanding of Office 365
<h4>Material</h4>
Slidedeck 
Scripts 
Links 
Tips and tricks

Implementing Microsoft 365 Security Solutions

Implementing Microsoft 365 Security solutions

This two-day lecture-style course, developed and presented by Simon Binder, Microsoft MVP, is aimed at device administrators that want to learn how to configure and manage devices independent of operating system. We will not cover Configuration Manager in detail, but we will deep-dive into your different options for managing Windows machines.
You'll not only finish this course with plenty of new knowledge but also with some challenging mindsets and boosted self-confidence that will enable you to create the best possible mobile experience for your users.
 
<h2>Class Outline</h2>
Configuring the MS Intune service
<ul>
<li>Choosing your Windows-management approach</li>
<li>Microsoft Intune service design and considerations</li>
<li>ABM/ASM, Android Enterprise</li>
<li>Microsoft Cloud App Security, Microsoft Defender ATP, Microsoft Store for Business</li>
</ul>
<h3>Modernizing Windows Management</h3>
<ul>
<li>Co-management</li>
<li>Security baselines and configuration policies</li>
<li>Application management</li>
<li>Windows Update for Business</li>
</ul>
<h3>Making the Apple Eco-system Ready for Work</h3>
<ul>
<li>Apple Business/School Manager deep-dive</li>
<li>MacOS</li>
<li>iOS/iPadOS</li>
<li>First- and third-party integrations (like JAMF)</li>
</ul>
<h3>Securing Android With Android Enterprise</h3>
<ul>
<li>Android Enterprise</li>
<li>OEM config and other configuration options</li>
<li>First- and third-party integrations</li>
</ul>
<h3>Protecting Access to Apps and Data</h3>
<ul>
<li>Application Protection Policies</li>
<li>Windows Information Protection</li>
<li>Conditional Access</li>
<li>First- and third-party integrations</li>
</ul>
<h3>Troubleshooting and Reporting</h3>
<ul>
<li>Troubleshooting</li>
<li>Reporting</li>
<li>Compliance</li>
</ul>
<h3>The Fine Print</h3>
Level 300
<h4>Who Should Attend</h4>
Device administrators 
Digital Workplace architects and service owners 
Configuration Manager administrators 
2- and 3-line support engineers
<h4>Prerequisites</h4>
Basic understanding of Azure AD 
Basic understanding of applicable operating systems (for your organization) – iOS, Android, MacOS, and Windows 10 
Basic understanding of Powershell 
Optional: 
Basic understanding of Microsoft Endpoint Manager – Configuration Manager
<h4>Material</h4>
Slidedeck 
Scripts 
Links 
Tips and tricks

Managing Endpoints With Microsoft Intune

Learn how to take control of your mobile devices and allow your workforce to be productive while ensuring that your corporate data is secure. This course focuses on managing devices with Microsoft Intune.
<h3>Hands-on Labs</h3>
Over 60 percent of your time in class is dedicated to hands-on labs and exercises based on self-perceived real-life scenarios and methods verified to work in production environments. And the best part, you get access to all the sample files and scripts.
<h3>Class Outline</h3>
Manage and Create User and Group Identities
<ul>
<li>Set up and configure a demo tenant for Mobile Device Management</li>
</ul>
Prepare for Mobile Device Enrollment
<ul>
<li>Configure enrollment restrictions</li>
<li>Personal and corporate-owned devices</li>
<li>Apple DEP and Configurator</li>
<li>Android for Work</li>
<li>Windows Autopilot</li>
<li>Device enrollment experience for iOS, macOS, Android, and Windows 10</li>
</ul>
Manage Mobile Device Policies
<ul>
<li>Device features and restrictions</li>
<li>WiFi profiles</li>
<li>Email profiles</li>
<li>VPN profiles</li>
<li>SCEP certificates</li>
<li>PKCS certificates</li>
<li>Custom configurations (OMA-URI)</li>
</ul>
Manage Mobile Apps
<ul>
<li>App Configuration policies</li>
<li>App Protection policies</li>
<li>App stores integration (Apple VPP, Android for Work, and Microsoft Store for Business)</li>
<li>App inventory</li>
<li>App categories</li>
<li>Mobile device and apps inventory</li>
</ul>
Secure Access to Resources
<ul>
<li>Conditional Access</li>
<li>Compliance policies</li>
<li>Role-based Administration</li>
<li>End-user branding experience and license terms</li>
<li>Automate common tasks with PowerShell</li>
</ul>
<h3>The Fine Print</h3>
Level 
300 (Advanced)
Who Should Attend 
IT Pros and Systems Administrators
Prerequisites 
Basic understanding of Windows Server and Active Directory
Material 
Student Lab Manual, slide decks, and lab files

Mobile Device Management Using Microsoft Intune

Mobile Device Management Using Microsoft Intune - may-19-2020-remote-virtual-only-simon-binder

Senior Consultant

Online Virtual | Attend in Person 
Level: 200
Prerequisites: Basic scripting knowledge in any scripting language.
Course Objectives: After completing this lab, you'll have learned the fundamentals of PowerShell and should have a good understanding of how to automate daily tasks, site management, and much more using PowerShell.
Material: Lab manual and presentations.
In this lab, you’ll learn the following:
– What is PowerShell – cmdlets, modules, aliases, profiles, and drives. – Using the pipeline, objects, storing, knowing, and processing data. – Functions, conditional statements, WMI, remoting, and best practices.
<h2>Chapters</h2>
<ul><li>Intro to PowerShell<ol><li>What is PowerShell?</li><li>What can I do with PowerShell?<ol><li>Scripts</li><li>UIs</li><li>Desired State Config</li><li>Discussion about some things I’ve written for clients</li></ol></li><li>Know your IDE<ol><li>PowerShell ISE</li><li>Visual Studio Code</li><li>Terminal</li><li>Text Editor</li></ol></li><li>OOP and PowerShell<ol><li>Intro to the concept of Everything is an Object</li><li>Properties/Methods</li><li>PowerShell Case Sensitivity</li></ol></li><li>Hello World<ol><li>Running Lines vs. Script</li><li>Tab Completion</li><li>PowerShell Sessions</li></ol></li><li>Getting Help<ol><li>Get-Help, Get-Command, Get-Member</li><li>Google</li></ol></li></ol></li><li>Cmdlets, Modules, Functions, and the Pipeline<ol><li>What is a Cmdlet?<ol><li>Types of Cmdlets<ol><li>Binary</li><li>Script</li></ol></li><li>Intro to common Cmdlets<ol><li>Write-Host</li><li>Write-Info/Error/Warning/Output</li><li>Get-Content</li><li>Out-File</li><li>Out-Null</li></ol></li><li>Alias<ol><li>Why I don’t use them!</li></ol></li></ol></li><li>What is a Module?</li><li>What is the Pipeline?</li><li>What is a Function?</li></ol></li><li>Variables and Basic Datatypes<ol><li>What is a variable?<ol><li>User-defined Variables</li><li>Environmental Variables</li><li>Special Variables<ol><li>$null</li><li>$ErrorPreference for example</li></ol></li><li>Global Variables</li></ol></li><li>What do you mean by DataTypes?<ol><li>String<ol><li>Expandable</li><li>Literal</li><li>String operations</li></ol></li><li>Integer<ol><li>Integer operations</li></ol></li><li>Boolean<ol><li>Bool operations (intro to comparing)</li></ol></li><li>Date<ol><li>Date operations</li></ol></li></ol></li><li>Getting information about a variable<ol><li>GetType()</li><li>Get-Member</li></ol></li><li>Parenthesis, Brackets, and Square Brackets<ol><li>Difference between the three</li></ol></li><li>Data Structures and Collections of Objects<ol><li>Simple Array</li><li>ArrayList</li><li>List&lt;Type&gt;</li><li>Hash Table</li><li>Creating Objects from Hash Table</li></ol></li><li>Conditionals, Time for a Decision<ol><li>Operators</li><li>If/Then</li><li>If/Then/Else</li><li>If/Then/ElseIf</li><li>Testing your Conditionals</li><li>Combining Conditionals<ol><li>-and -or</li></ol></li><li>Switch</li><li>Comparing to $null</li></ol></li><li>Loops, Loops, Loops<ol><li>While</li><li>Do Until</li><li>Do While</li><li>For</li><li>ForEach</li><li>ForEach-Object</li><li>(1..10) Example</li></ol></li><li>Error Handling<ol><li>What is an Error?</li><li>Why am I handling it?</li><li>Types of Errors<ol><li>Terminating</li><li>Non-Terminating</li><li>ErrorAction</li></ol></li><li>Pipeline Pollution<ol><li>What does Polluting the Pipeline mean?</li><li>Example</li><li>How to fix</li></ol></li></ol></li><li>Getting data you want (Selecting, Filtering, Sorting)<ol><li>Select-Object</li><li>Where-Object</li><li>Sort-Object</li></ol></li><li>Functions<ol><li>What is a function?</li><li>Why use a function? Or When to use a function?</li><li>Writing Simple Functions<ol><li>Simple Function</li><li>Simple Function w/Args</li></ol></li><li>Writing Advanced Functions<ol><li>Function with Params</li><li>Function with Advanced Params</li><li>Function with Advanced Params + Common Params</li></ol></li></ol></li><li>Writing and using Cmdlets (Script based)<ol><li>Writing your own cmdlets</li><li>Using your own cmdlets</li></ol></li><li>Dot Sourcing<ol><li>Manual Dot Sourcing</li><li>Profile load dot sourcing</li></ol></li></ol></li>
</ul>

Introduction to PowerShell

Introduction to PowerShell  - Jun 27- Jul 1, 2022 - Tim Davis

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

How We Help

Our Services

Are you under attack?

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

How We Help

Our Services

Are you under attack?

Secure Coding Patterns

Enquire training

Online trainings

Training

M365 Security Boost

Training

Application Security Testing and Mitigation for Developers and Testers

Training

Secure Coding Patterns

Training

Implementing Microsoft 365 Security Solutions

Training

Managing Endpoints With Microsoft Intune

Training

Mobile Device Management Using Microsoft Intune

Training

Introduction to PowerShell

Training

Introduction to Windows 10 Management

Training

Social Engineering, the Human Side of Security [2 Days]

Training

Cybersecurity Threats and Defenses in a Microsoft 365 Platform

Stay ahead in cyber

You might also like...