Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Securing IaaS, PaaS, and SaaS in 2020 with a Cloud SIEM

As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.

Using BPF to Transform SSH Sessions into Structured Events

Teleport 4.2 introduced a new feature called Enhanced Session Recording that takes an unstructured SSH session and outputs a stream of structured events. It’s the next step in Teleport’s evolution that uses new technology (eBPF or now simply known as BPF) to close some gaps in Teleport’s audit abilities. Below you can see an illustration of this feature and if you keep reading, we’ll get into some of the technical details.

Business Continuity With Egnyte For Those Impacted by Coronavirus

The COVID-19 virus (or coronavirus) is having an impact on businesses across the globe. Organizations have been pressed to balance productivity with the protection of their employees and partners. With that in mind, we’ve collected a few helpful resources from Egnyte that can help enable continuity in times of business disruption.

What is really an API?

API has become one of those catch-all terms that developers throw around without really considering the context. On any given week, you will come across discussions like "How to use the Twitter API", "New framework X is great because it has a low API surface", and "Best practices for building an API." Is an API a data source? Is it a service? Is it a way to call native functionality? The truth is, in modern software development it can mean any of these things.

Gehaxelt - How Wordpress Plugins Leak Sensitive Information Without You Noticing

Sebastian Neef (@gehaxelt) is a IT security freelancer and a top contributor from the Detectify Crowdsource community. In this guest blog, he looks at ways WordPress plugins leak sensitive data in the wild: The OWASP Top 10 puts Sensitive Data Exposure on the 3rd place of the most common web security issues. In this blog post we will have a look at sensitive data exposure that you might not be aware of.

A New Integration between Sumo Logic and ARIA Cybersecurity Solutions

When thinking about many of the worst data breaches we’ve seen so far (Equifax, CapitalOne, Target, Home Depot, and more), there was one common element: The attacks were not detected while they were active on the internal networks. It’s easy to think of the internal network as what’s onsite and directly in control. However, an organizations internal network also includes what extends beyond what’s on-premises, like instances within the public cloud and off-site hosted data centers.

NSA Releases Cloud Vulnerability Guidance

The United States’ National Security Agency (NSA) has put together a short guidance document on mitigating vulnerabilities for cloud computing. At only eight pages, it is an accessible primer for cloud security and a great place to start before taking on something like the comprehensive NIST 800-53 security controls.