The Splunk Security Research Team has been working on Kubernetes security analytic stories mainly focused on AWS and GCP cloud platforms. The turn has come now for some Azure Kubernetes security monitoring analytic stories. As outlined in my "Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk" blog post, when looking at Kubernetes security, there are certain items within a cluster that must be monitored.
The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above 150 days on average.
Since the outbreak of Covid-19, many organisations have had to make a swift transition to remote working to ensure business continuity. What would typically take months of planning and preparation was implemented in a matter of days. The chaos that this created, combined with the already uncertain nature of life during a pandemic, had created the ideal environment for cybercriminals.
We know “go hack yourself,” but what about unhack yourself? According to Laura and Tom (@TomNomNom), it means understanding how something is built and how it works, before you can know if you’ve successfully hacked it apart. There were many valuable soundbites to take from this dynamic conversation between host Laura Kankaala and guest Tom Hudson of Detectify.
There is a common thread between academy-award winner, Leonardo Dicaprio and the indispensability of know-your-customer (KYC). For most of you Dicaprio fans out there, you would have guessed it by now, that connection is the blockbuster ‘Catch me if you can(2002)’[1]. Dicaprio portrays a master con artist, who some consider as the best of all-time, Frank Abegnale.
Businesses of all sizes are moving to the cloud to take advantage of the greater data availability, significant cost savings and data redundancy that cloud computing provides compared to a traditional data center-based physical infrastructure. Moving to the cloud can also reduce shadow IT and get data stores out from storage closets and underneath desks so they can be governed and protected in compliance with regulations and best practices.
In IT security debates, projects aimed at managing access and identifying users are considered fundamental. However, the processes and technologies for controlling permissions have proved challenging. To solve this dilemma, what is now called Identity Access Management (IAM) was created, which involves the definition and execution of identification processes related to the most critical businesses for a company.
Permissions, access controls, user rights, or privileges define what an identity can see or do in an organization. These terms are often used interchangeably based on context, and essentially perform the same function—granting or denying access to the resources in an enterprise.
This blog was written by an independent guest blogger. Image Source In Part 1 of this series, we covered the first step to better cybersecurity in touchless business solutions, which is to practice extra caution in cashless payment solutions. We continue by discussing the second step to improve cybersecurity for touchless systems, which is to increase protocols for cybersecurity and data privacy.
Every year, thousands of new vulnerabilities are discovered, requiring organizations to patch operating systems (OS) and applications and reconfigure security settings throughout the entirety of their network environment. To proactively address vulnerabilities before they are utilized for a cyberattack, organizations serious about the security of their environment perform vulnerability management to provide the highest levels of security posture possible.
