In this age of digital transformation, organizations of all sizes and industries are moving to more automation, cloud-based services, and integrations as every part of the business world becomes digitally focused. We know that economic disruption caused by COVID-19 and the subsequent slowdown of commerce has hurt many businesses. However, security and access control have become essential business requirements as we all figure out what the future of work looks like.

Security Information and Event Management (SIEM) solutions have been the foundation of enterprises’ security operations and threat detection & response. Even though USM Anywhere has many key SIEM features, it is much more than a SIEM. Why? To perform threat detection, SIEMs and purpose-built threat consoles collect data from security devices. These include network firewalls, endpoint devices, & vulnerability managers to directly from the cloud.

Cybersecurity risk management is the practice of prioritizing cybersecurity defensive measures based on the potential adverse impact of the threats they're designed to address. Establishing a risk management approach to cybersecurity investment acknowledges that no organization can completely eliminate every system vulnerability or block every cyber-attack.

The cybersecurity industry is increasingly producing enormous amounts of raw threat data. The sheer volume of information threat researchers must sift through makes it difficult to collect, analyze, and research that data in a timely manner. This in turn limits their ability to understand what data is valid and useful and whether threat artifacts will result in legitimate threat indicators.

GuLoader is a sophisticated malware downloader that stores its payloads in Google Drive and Microsoft OneDrive. In addition to using popular cloud apps to evade network-based detection, it uses anti-VM techniques to evade sandbox analysis. Since it was first discovered in December 2019, GuLoader has become one of the top malware delivery mechanisms observed in the wild. It is used by multiple threat actors to deliver a variety of threats, most commonly remote access Trojans (RATs).

Have you ever stood in the airport security line when the agents bring the dog out to inspect everyone’s luggage? I’m always so fascinated watching the dog go down the line and do her work. Wow she’s so smart! How does she know what to look for? My own dog has talents of her own, but she would not get hired for this job. She has a good functioning nose, but she’s not trained to detect these things and wouldn’t be able to tell me when she finds something troublesome.

CloudFabrix AIOps 360 solution can ingest alerts, events, metrics and from various monitoring tools to perform event correlation, alert noise reduction and enable incident resolution acceleration. Learn more about CloudFabrix AIOps 360 In this blog I will cover Zabbix integration aspects with our AIOps 360 solution. Zabbix is one of the popular open source monitoring platforms used by many enterprises and MSPs, including some of our customers.

Sprawl happens when anyone and everyone can create a site or team, usually without oversight, planning, or any kind of formal training, resulting in dozens/hundreds of rarely used or abandoned sites and teams, a poorly-performing search experience, and your intellectual property (content and conversations) spread across multiple locations each with a maze of chats, files, and channels.

We have seen a marked move to remote work in recent months. While the times have been troubling and stressful in many ways, there has been a flip side. Many of us have found newfound freedoms in how and where we work. With these freedoms come risks. While we can access our email, files and other communications remotely, many have not stopped to ask; are we too open? What level of remote access does each employee need and more crucially what do they not need?

Technology and cyber systems have become essential components of modern society. Despite the benefit of cyber technologies, insecurities arise. These could affect all systems and infrastructures. More than that, the threat of a cyberattack could very well have a transnational component and effect as worldwide systems become increasingly interconnected.