Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

EventLog Analyzer year in review: 2021

Our log management solution, EventLog Analyzer, has had yet another busy year. Being named in the 2021 Gartner Magic Quadrant for SIEM for the fifth time was one of the high points. We also had the satisfaction of helping many organizations ensure their overall cybersecurity health with new features to meet evolving demands. Our journey in 2021 With many organizations adopting hybrid work models over the last year, there was a steady increase in the volume and severity of cyberattacks.

5 Endpoint security tips for the holidays

The holiday season is a hectic time for businesses but this year has brought additional challenges in supply chain delivery and staffing shortages. Yet spending is still expected to increase, and businesses must be prepared to capitalize on this holiday season and close out the year strong. Endpoints can play a vital role this holiday season by providing visibility into inventory levels, allowing self-service transactions, and granting access to critical business applications.

2022 Cloud-native Trends: Need for AuthZ and OPA Will Grow

It’s that time of year again — full of ugly sweaters, holiday cookies and technology predictions (cloud-native style)! Last year, we predicted that we’d see continued Kubernetes adoption, focus on DevSecOps in organizations and open source dominance. This year, we sat down with our co-founder and CTO, Tim Hinrichs and our CEO Bill Mann to hear a few of their predictions for the open source and cloud-native authorization market.

How tech managers can make sure security isn't left off the list this holiday season

The holidays are coming up quickly and while many of us are looking forward to getting some human downtime (not technical), some may be feeling the pressure and some stress to make sure everything that needs to be done by the end of the year is in fact done by then, especially with the ongoing log4j aka log4shell security fires happening.

Small Talk: security considerations for your startup

As a startup, you might have branded swag well before a cybersecurity strategy. And it’s not hard to understand why. Printing stickers is easy. Knowing where to start with security – the who, what, how, and why – can feel a bit more daunting. But it doesn’t have to, and is far more important to your company’s future.

Log4Shell in a nutshell (for non-developers & non-Java developers)

If you’re in tech at all, you’ve likely heard of the Log4Shell exploit taking over the Intertubes. If you’re not a Java developer (or developer of any sort), you may be left scratching your head as to just what’s going on. This post is split into two parts: an explanation of Log4Shell for non-developers and an overview of the Log4Shell vulnerability for non-Java developers.

Exploiting, Mitigating, and Detecting CVE-2021-44228: Log4j Remote Code Execution (RCE)

A new critical vulnerability has been found in log4j, a widely-used open-source utility used to generate logs inside java applications. The vulnerability CVE-2021-44228, also known as Log4Shell, permits a Remote Code Execution (RCE) allowing the attackers to execute arbitrary code on the host. The log4j utility is popular and used by a huge number of applications and companies, including the famous game Minecraft.

7 Security Operations Center (SOC) Best Practices for Analysts

Security ratings are becoming a crucial component of every security operations center (SOC). Security analysts must learn how to read, analyze and report security ratings to the CISO effectively in order to help build an enterprise-wide culture of security. Here we outline how analysts can develop a successful security operations center that leverages ratings to evaluate and mitigate cyber risk.