Hey There, Recently we ran a webinar ( English | German | French) in which we showed how Security Operations Teams can plan based on the MITRE ATT&CK Navigator, a threat-centric defense strategy. We also demonstrated how to operationalize it with content from the Splunk Security Essentials app via Splunk Enterprise Security. We received so many questions from attendees during the session that we weren’t able answer them all.

There are a variety of methods that an organization can implement to test its ability to withstand a cyberattack or another type of catastrophic situation. One such technique is to conduct a crisis simulation. The term crisis simulation is somewhat generic and seems awfully similar to other types of exercises organizations run to test their level of preparedness.

SSH was designed in 1995, LDAP was initially developed in 1993, and role-based access control was introduced in 1992. The concept of least privilege was introduced in 1975. With all of these existing technologies, when are modern privileged access management solutions necessary? This is a common question asked when we pitch the idea of modern privileged access management (PAM).

Proactively finding and eliminating advanced threats through threat hunting is a growing necessity for many organizations, yet few have enough resources or skilled employees to do it effectively. For those who do have an active threat hunting program, the process is often manual and time consuming. With cloud security automation, however, you can implement rules that automatically adjust your security policies based on the latest threat data.

With dependence on containers growing more every year, developers need the best container security solutions they can find, and those solutions have to integrate seamlessly into existing development workflows. Snyk’s partnership with Sysdig has helped us strengthen our commitment to building tools for container security, and growing those tools to meet the evolving needs of developers. And as a developer-first organization, we truly value feedback that comes right from developers themselves.

Over the last 25 years, WatchGuard has driven consistent innovation and growth. In recent years that growth accelerated significantly—fueled by our aggressive portfolio expansion and our ability to build and retain an enviable channel community—as we united behind the mission of making enterprise-grade security accessible to all customers via Managed Service Providers (MSPs).

Managing access rights of privileged users is one of the cornerstones of data security. That’s why the privileged access management (PAM) market is booming with tools and practices. But this variety of PAM options makes it challenging to figure out which practices and controls your organization can benefit from.

We all know that it is a question of when you will be compromised and not if you will be compromised. It is unavoidable. The goal of CIS Control 17 is to ensure that you are set up for success when that inevitable breach occurs. If an organization is neither equipped nor prepared for that potential data breach, they are not likely to succeeded in responding to the threat.

Synopsys has signed a definitive agreement to acquire WhiteHat Security, a market-segment leading provider of dynamic application security testing (DAST) solutions.

Within our Elastic Security research group, a strong area of focus is implementing detection mechanisms for capabilities we understand adversaries are currently exploiting within environments. We’ll often wait to see the impact that bringing these capabilities to market will have from a detection standpoint. This allows our researchers to explore different detection strategies through these additions, providing deep insight into how effective the Elastic Security platform can be.