The ISO 27001 certification can make a difference when your business is tied with deploying cloud-native applications. Providing relevance and credibility in front of potential customers will show that your company takes security seriously, ensuring the client’s trust. We previously covered other compliance frameworks in our blog, like GDPR, HIPAA, NIST, and SOC 2. Those frameworks also show a strong commitment to security best practices.

At Teleport we do IT a little differently — supporting a global remote company in hypergrowth is no easy feat and the playbook is different from traditional IT work. In this article, we want to share some of our IT philosophies that enable our employees to keep their agility despite working very asynchronously around the world.

Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes. Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public.

A cache is a temporary data storage location that stores copies of frequently accessed data or files to provide faster access to software or hardware. Computers, mobile devices, web browsers, and other applications use cache to speed up data retrieval. Caches allow faster access to this data by removing the need to reload it each time the device/app needs it. Cached data is reusable and can be retrieved directly.

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.

Configuration at scale is hard. At Egnyte, we’d developed a flexible system that was advantageous early on but put increasing stress on our engineers and processes as the company grew. And, being a cloud deployed software product, we needed to be able to serve all of its customers, which meant we had to come up with a solution that addressed our current challenges and set us up to support our future growth as well.

Chat and messaging systems have helped customer experience teams expand and improve the services they offer through instant communications. As customers reach out to your business via platforms like Intercom, they can often share personal information like personally identifiable information (PII), credentials, email addresses, and credit card numbers (for PCI compliance) in their messages.

Protecting your sensitive data and other critical assets requires establishing secure access to them in the first place. Lots of organizations do this by protecting their remote servers and corporate systems with SSH keys. However, even SSH keys can be compromised and abused by malicious actors. In this article, we talk about SSH keys and their role in secure authentication processes as well as about the benefits of effective SSH key management.

However, SIEM requires the effective application of use cases or threat detection rules to achieve its full potential. In the first of this two-part series, we outline the importance of SIEM use cases (or rules) and the limitations of relying upon those provided out of the box with SIEM platforms.

The discovery of the Pegasus spyware demonstrated that no system is 100% secure or inaccessible, especially when it was discovered that this malicious program mainly affected iPhones.