Information Security Management System is an international standard designed to manage the security of sensitive information. At the core, ISMS is about managing the people, processes, and technology through a risk management program. While there are many standards under the ISO2000 family, the ISO27001 Standard is the most popular and widely accepted standard in the industry.

Organizations must enact effective third-party risk management (TPRM) programs to ensure their vendors fulfill cybersecurity requirements. Otherwise, they risk carrying the financial and reputational harm caused by customer data breaches. The PCI DSS standard covers aspects of third-party risk management as it's applicable to all organizations that process credit card data, especially the heavily regulated finance industry.

Security information and event management refer to Security Information Management (SIM) and Security Event Management (SEM) through a single pane of glass. SIEM solutions are used by security analysts to monitor any potential threats within the infrastructure of their organisation.

Read also: the US blames North Korea’s Lazarus Group for the $620M Axie Infinity hack, Beanstalk Farm suffers $182 million financial losses due to a cyber-attack, and more.

Today’s threat landscape is evolving rapidly. Attackers are constantly adjusting their tactics and finding new ways to infiltrate organizations with increasingly sophisticated attacks to steal valuable data. As such, businesses and IT professionals must remain up to date on the industry’s latest threat intelligence in order to better understand the current state of this cybersecurity landscape and know their enemies to shore up defenses.

Part 1 of this series covered the challenges Rubrik initially faced with its distributed database. Our applications had become quite complex to work around some of these challenges. Part 2 of this series covered how we chose a new distributed database (CockroachDB), and how we performed the migration. Next, we will dive into some of the challenges we faced after migrating to CockroachDB and how we developed on top of CockroachDB to mitigate them.

Developer-centric Laravel is often described as “the PHP framework for web artisans.” It’s one of the most used frameworks within the PHP ecosystem, with an extensive community and a wide array of sub-branches dedicated to application development of all kinds. With version 1.0 launched in 2011, Laravel currently powers the websites of global companies like 9GAG, BBC, and Pfizer.

Monitoring container traffic and extracting rich security-centric metadata provides SOC analysts an inviolable source of truth for threat detection and incident investigation. This data complements the deep visibility provided by container agents and broad visibility through monitoring audit logs.

This month, Microsoft announced two vulnerabilities in portmap, which is part of ONC RPC, on Windows systems. This blog will discuss Zeek detection packages for CVE-2022-24491 and CVE-2022-24497 developed by Corelight Labs.