Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Aw, HEC! Splunking Okta's Event Hooks with the HTTP Event Collector

This weekend I spent some time with Okta’s Identity Engine product, learning about various ways to integrate it with Splunk and other external systems. When I got to Okta’s Event Hooks feature, I exclaimed “Aw, HECk!” (actually I said something a little stronger) and banged my head against my old copy of "Log4J 4 Me and U - A Complete Guide" for a few hours trying to get Event Hooks sending data properly into Splunk’s HTTP Event Collector, or HEC.

Crossword Cybersecurity supports techUK's SME Membership with Cyber Essentials certification and access to Rizikon Assurance

Crossword Cybersecurity Plc is today announcing that its online software assurance platform, Rizikon Assurance, is being made freely available to members of the UK technology trade association techUK for a single-use cyber security assessment to support them towards Cyber Essentials certification.

NFTs - Protecting the investment

This blog was written by an independent guest blogger. Non-fungible tokens (NFTs) are the new player in the financial investment market. They’ve seen tremendous interest from a wide range of parties, whether that be institutional investors or retail hobbyists looking to find an angle. As with anything involving money, malicious actors are already starting to take hold; Insider magazine recently highlighted the 265 Ethereum (roughly $1.1 million) theft due to a fraudulent NFT scheme.

Key Criteria for Choosing Mobile App Security Solution Vendor

Mobile phone apps are more popular than ever with a rapidly expanding user base each year. They have literally made everything come to the fingertips of the users and there’s a significant demand for mobile apps for just about everything, generating great competition and pressure among app developers around the world.

DevSecOps in an Agile Environment

At first glance, DevSecOps and Agile can seem like different things. In reality, the methodologies often complement each other. Let’s see how. Agile is a methodology that aims to give teams flexibility during software development. DevSecOps is about adding automated security to an existing automated software development process. Both are methodologies that require high levels of communication between different stakeholders and continuous improvement as part of the process.

CrowdStrike Powers MXDR by Deloitte, Offering Customers Risk Mitigation with Powerful Customized and Managed Security Services

Deloitte, a leader in managed security services, has launched MXDR by Deloitte — a Managed Extended Detection and Response suite of offerings — within which the CrowdStrike Falcon® platform will power a number of solutions. MXDR by Deloitte combines an integrated, composable and modular managed detection and response SaaS platform with managed security services in a unified offering of advanced, military-grade threat hunting, detection, response and remediation capabilities.

Mind the MPLog: Leveraging Microsoft Protection Logging for Forensic Investigations

In an incident response investigation, CrowdStrike analysts use multiple data points to parse the facts of who, what, when and how. As part of that fact-finding mission, analysts investigating Windows systems leverage the Microsoft Protection Log (MPLog), a forensic artifact on Windows operating systems that offers a wealth of data to support forensic investigations. MPLog has proven to be beneficial in identifying process execution and file access on systems.

How Lunar shifted security left while building a cloud native bank

At SnykCon 2021, there were a number of insightful talks from companies that were able to build successful AppSec programs. As the Lead Platform Architect at Lunar and a Cloud Native Computing Foundation (CNCF) ambassador, Kasper Nissen’s presentation was no exception. In this post, we’ll recap Nissen’s talk about how his security team at Lunar was able to shift security left while building a cloud native bank.

How to Use SSH Agent Safely

The SSH agent (ssh-agent) is an SSH key manager that stores the SSH key in process memory so that users can log in to SSH servers without having to type the key’s passphrase every time they authenticate with the server. In addition to the key management feature, SSH agent supports agent forwarding, which helps to authenticate with servers that sit behind a bastion or jump server.