Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2023

DevSecOps and log analysis: improving application security

More and more organizations are abandoning the outdated waterfall development methodology for more practical and efficient Agile development practices. As this movement has occurred, development teams are moving faster than ever by employing Continuous Integration (CI) and Continuous Deployment (CD) practices that are serving to shorten development cycles and get new features into production faster. This does, however, come with greater security risk in some respects.

Reliability and security best practices for financial services in ANZ

Every year, Australians lose over $6 billion due to financial fraud and cybercrime, so it is great to see the collaboration between banks in Australia to fight fraudsters head-on with the help of the Fraud Reporting Exchange (FRX). The FRX is a trusted, secure, single platform providing timely and efficient means of reporting and actioning fraudulent (including scam) activities between banks.

Unleashing the power of community-driven cloud security

As cloud technology continues to be a cornerstone of modern businesses and organizations, securing cloud environments has become more crucial than ever. Enter cloud security posture management (CSPM), a proactive approach to ensuring the security of cloud infrastructures. With CSPM, organizations can continuously monitor, assess, and remediate potential vulnerabilities and misconfigurations in their cloud environments. But when choosing a CSPM solution, is open source the way to go?

Building a Kubernetes purple teaming lab

Kubernetes, and containerization in general, has a wealth of benefits for many teams operating cloud-native applications. From a threat detection standpoint, however, it is often difficult for newcomers to this space to gain the relevant hands-on experience without trampling over production environments. The Sumo Logic team has previously authored articles on Kubernetes DevSecOps vulnerabilities and best practices as well as Kubernetes logging and monitoring.

Fine-tuning Cloud SIEM detections through machine learning

Security engineering teams spend hours every week tuning their security information and event management (SIEM) systems to ensure that they are effective at detecting security threats and minimizing false positives. This “tuning tax” is common as customers add new SIEM rules to cope with a rapidly changing threat landscape and attacker tactics, and as their attack surface evolves through automated changes to their application and infrastructure stacks.