If you’re reading this, you likely know what a log is, and what a metric is. But sometimes there are questions on their differences, whether you really need both, and if you should use dedicated solutions to manage each type. The answers? Yes, you need both; yes, they should be unified. Logs and metrics, aka machine data, are complementary.

Data breaches happen daily, many of which go undetected for months and even years. In this environment, having visibility into assets across the enterprise is paramount. This critical security need is termed “enterprise visibility” and has become a household name across the industry. The concept can take on a variety of meanings depending on the stakeholder you may be dealing with across the enterprise.

Across the board, security teams of every industry, organization size, and maturity level share at least one goal: they need to manage risk. Managing risk is not the same as solving the problem of cybersecurity once and for all, because there is simply no way to solve the problem once and for all. Attackers are constantly adapting, developing new and advanced attacks, and discovering new vulnerabilities.

SIEM security that is equipped with Artificial Intelligence (AI) and user behavior analytics can deal with internal threats. AI capabilities in SIEM help security professionals to automate tasks that are otherwise manual and repetitive. Doing so can also help to swiftly detect threats and suspicious activities in network traffic and event logs.

How to Become PCI DSS Certified The short answer to the question of achieving PCI DSS certification is: you can’t. There is no certificate attesting to Payment Card Industry Data Security Standard (PCI DSS) compliance. There is, however, a way your organization can stand apart as being especially committed to credit card security.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Social media take-overs can be quite disastrous, and a recent UK law inforcement breach certainly caused a lot of embarrassment.

Google Cloud Platform (GCP) includes a powerful resource hierarchy that establishes who owns a specific resource, and through which you can apply access controls and organizational policies. But understanding the GCP resource hierarchy can be hard. For example, what does a GCP Organization “look” like? What networks exist within it? Do specific resources violate established security policies? To which service accounts and groups visualizing do you have access?

On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.

Not investing in Security Incident and Event Management solutions means you’re missing out on significant business benefits. SIEM detects and responds to security incidents in real time, which reduces the risk of noncompliance. It also helps realize greater value across all underlying security technology and systems. Reporting with SIEM is more comprehensive and less time-intensive, helping to reduce capital and operational costs through consolidation.

As a vendor, Tripwire gets asked a lot of questions from customers and potential clients about how developments in the wider world might affect digital security. One of those forces that’s on everyone’s mind is Brexit. Representatives from some of our potential customers as well as our existing clients are asking us what to focus on and what to do. Specifically, they’re wondering how Brexit will affect their digital security efforts in general.