Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Value of Operationalizing MITRE ATT&CK According to Splunk With Guest Speaker From IDC

The global pandemic has fueled a rapid digital transformation — and led to permanent shifts in cybersecurity. In a recent joint webinar with Bryan McAninch, senior solutions engineer at Splunk, and guest speaker Chris Kissel from IDC, "Sp(e)lunking Security with MITRE ATT&CK® featuring IDC Research," they shared seven overarching trends in cybersecurity for 2021. One notable, but foundational, trend mentioned was the need to understand risk.

Calligo launches world's first managed service to make machine learning accessible to any business

Fully managed machine learning service handles entire management, cleanliness and governance of data, avoids costs associated with data science recruitment, and delivers more accurate insights twice as fast as AWS and Google.

IT security under attack: A typical day in the life of an IT admin or security analyst

The job of IT admins and IT security analysts are, without a doubt, some of the most important jobs in any company. When things are running smoothly, it is easy for everyone to forget they exist. However, the moment things go askew, everyone points fingers at them. IT security professionals are expected to know everything. Most of them are self-taught and have learned on-the-job. Over time, experience has turned them into battle-hardened soldiers.

Just released! AT&T Cybersecurity Insights Report: 5G and the Journey to the Edge

We are certainly in unique times, with COVID driving digital transformation at an unprecedented pace, remote work appearing to be long term, and the specter of new threats looming over security professionals as they strategized how to protect a rapidly changing business and tech landscape. To use perhaps one too many cliches: it is the best of times, it is the worst of times, the times are a changin’, and a change will do you good. No really, it will.

Top tips for better security awareness on the job from Detectify Security Champions

Security is not compliance. This is something that the security champions at Detectify can agree on and each employee practices security everyday to help keep our customers and business secure. You’ve probably never met a more engaged group about security training than us at Detectify! We are passionate about our industry and maybe even gain a few new security nerds every few months as we go.

LogSentinel Honeypot: Malicious Actors Don't Wait

There’s an unwritten rule that every machine that becomes visible on the internet is under attack in under 5 seconds. We recently deployed our LogSentinel SIEM honeypot with one of our customers and that rule proved correct – immediately malicious requests from all over the world started pouring in, on almost all the protocols that we support – SSH, RDP, SMB, HTTP, and they haven’t stopped since.

Building your modern cloud SIEM

SIEM has traditionally earned itself a bad reputation as an unwieldy and unmanageable tool that really never lived up to its promises. In my presentation during Illuminate, I talked about what Sumo Logic is doing to modernize log analytics and SIEM as a whole. Today, we see that despite how overall technology is accelerating, security always seems to lag behind. In Sumo Logic, we address this head-on.

Tighten Up Your Strategy: Evaluating the Leakiness of a Cloud App

We at Netskope Threat Labs have published a series of blogs detailing the misconfigurations in cloud apps causing data exposure. Misconfiguration and sensitive data exposure have been listed as predominant top 10 OWASP security risks for years, and are now also the predominant cause of cloud data breaches.

What is Access Control?

Access control is a security technique that regulates who or what can view, use or access a place or other resources. It is a fundamental concept in physical security and information security designed to minimize risk. At a high level, access control is about restricting access to a resource. Any access control system, whether physical or logical, has five main components: Access control can be split into two groups designed to improve physical security or cybersecurity:

Government and Education Have the Highest Percentage of Apps With Security Flaws

It’s been a stressful year, to say the least, for the government and education sector. Government organizations were challenged with pivoting their operations to a digital model while schools were forced to decide between hybrid or remote learning programs for their students. The rise of digital operations has made application security (AppSec) more important than ever.