Over the past couple of years, the Security Information and Event Management (SIEM) solution has been recognized as an effective tool in the Security Operation Center (SOC) of organizations. Whether it comes to managing the multiple tools or meeting the compliance standards, SIEM has always been playing its crucial role. However, since there is a multitude of SIEM solutions available in the IT market today, selecting the right one is an extremely important but difficult task for enterprises.

In most of our blogs, we spend a TON of time going on about protecting our endpoints, looking at sysmon, checking the firewall, correlating IDS data and the like… Today, we're going to shift gears a bit and look at security from a different angle. Recently, there has been a tremendous focus on the shifting paradigm of a workforce that primarily resides in corporate offices, to a highly virtual workforce sitting at their kitchen tables.

In my first article on Cyber Security Threat Intelligence Analysts, (CTI analysts) we covered what a CTI analyst is and discussed how they can bridge the gaps between IT, Security, and the Business. We discussed how this is beneficial to the maturity of the business, but what exactly did we mean by this? In the second article of our CTI analyst series, we’ll cover the unique benefits a CTI analyst brings to an organization by enhancing.

Email scams are nothing new, just about everyone has heard of that one Nigerian Prince for example, but there is another phishing scam doing the rounds and unsurprisingly it is Coronavirus flavoured. Gmail users alone are being targeted with up to 18 million phishing email hoaxes every single day. Of course, it doesn’t end there with ‘regular’ email users – healthcare professionals are being targeted also.

There is that song by Baz Luhrmann, well it was actually a speech of his first that was later made it into a catchy jingle. It goes … If I could offer you only one tip for the future, sunscreen would be it A long-term benefits of sunscreen have been proved by scientists Whereas the rest of my advice has no basis more reliable Than my own meandering experience, I will dispense this advice now Unfortunately in securing your business, there is no Sunscreen type solution.

As the technology advances and more business processes become digitalized each day, we seek new ways to protect our valuable data from prying eyes and cyber criminals. Post-quantum cryptography is one of these new ways. In this article, we will discuss what post-quantum cryptography is and why we will need it very soon.

A shift has occurred in the bastion of corporate hierarchy in the last few decades that has fundamentally changed how organizations operate. This shift started about sixteen years ago in 1994 with Citibank/Citigroup. After suffering a cybersecurity incident, they created the role of Chief Information Security Officer (CISO); a role which has only grown in prominence since.

Have you ever wondered whether it’s ok to copy and paste code from an open source project? If you have, you’re not alone. A quick look around several developer websites shows a number of variations on this age-old question. It is never ok to copy and paste code from an open source project directly into your proprietary code. Don’t do it. Just don’t. Even if you’re on a tight deadline. Even if it’s only one loop.

This is the final blog of our three-part blog series on living-off-the-land (LOTL) attacks. If you missed last week’s blog, you can read it here. LOTL attacks are also known as “malware-free” attacks because your own tools are used against you, either to hide malicious activities under a legitimate system process, or to leverage genuine system activities for malicious purposes.

In this blog post, we’re going to explain how to monitor Open Policy Agent (OPA) Gatekeeper with Prometheus metrics. If you have deployed OPA Gatekeeper, monitoring this admission controller is as relevant as monitoring the rest of the Kubernetes control plane components, like APIserver, kubelet or controller-manager. If something breaks here, Kubernetes won’t deploy new pods in your cluster; and if it’s slow, your cluster scale performance will degrade.