We recently introduced labs, a new and pioneering space in the 1Password apps that lets customers opt in to test experimental features.

The ability for your SIEM to ingest data at scale is critical, especially in a world where threats target a vast array of attack surfaces. Ensuring full visibility of all log data is paramount, and you need a SIEM that can ingest any event, in any format, to effectively hunt for threats. Remember, you can’t secure what you can’t see. Whether you’re taking a close look at your current solution or evaluating new potential vendors, here’s what to consider around SIEM data ingestion.

Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security configuration management (SCM) is one way to take control of many of the facets of cybersecurity that are often overlooked or difficult to handle.

In the ever-evolving landscape of cybersecurity, the collaborative effort between the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) in issuing five joint Cybersecurity Information Sheets (CSIs) marks a significant milestone in guiding organizations towards secure cloud adoption. These documents serve as a testament to the critical nature of securing cloud services in an era where digital transformation is not just an option, but a necessity.

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization - its data. According to an 2023 IBM report, 82% of breaches involved data stored in the cloud. So this begs the question, which tools do defenders have at their disposal to address these mounting threats?

To kick off season 5 of the Future of Security Operations podcast, I’m joined by Mandy Andress. Mandy is the Chief Information Security Officer at Elastic, a leading platform for search-powered solutions, and has more than 25 years of experience in information risk management and security. Before Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada.

In a testament to the power of global collaboration, Device Authority recently witnessed the convergence of its US and UK teams in two distinct yet complementary gatherings. Amy Chu, VP Customer Success, chronicles the enriching experiences of the US team’s face-to-face summit, while Darren Cubbage, Engineering Manager, provides insights into the unity and inspiration emanating from the 2024 UK Company Get-Together.

Just as the heart keeps the body going, unseen and often not thought about unless something goes wrong, so do proxies serve as the hidden engines that power the bustling world of online retail. They are the invisible assistants that work hard to ensure the storefront—that shiny website filled with enticing products—remains the focus of our shopping experience.

The Payment Card Industry Data Security Standard (PCI DSS) was published over 15 years ago and in that time has undergone a series of revisions as technology, the threat landscape and information security best practices have changed.

The Department of Defense (DoD) has embraced the Zero Trust Architecture to enhance its resilience against evolving threats. ThreatQ emerges as a strategic ally, aligning seamlessly with the Zero Trust principles. This blog sheds light on the pivotal role of ThreatQuotient in fortifying threat detection, investigation, and response while minimizing redundancy and noise.