Blog

Why Your SOC Needs More Than a SIEM Tool

Cybercrime is becoming more sophisticated by the day. Meanwhile, the price of a breach, from damage and disruption to ransom payments and regulatory fines, is increasing. No wonder there’s more of a need than ever for companies to set up a dedicated SOC using SIEM to identify threats and raise the alarm. But is that enough to fight the hackers?

Exposing the common flaws penetration testers always see

We live in an age where cyber security threats are (or at least should be) at the forefront of everyone’s mind. Very recently, British Airways suffered a huge security breach that led to over 300,000 payment cards being compromised, showing that even the big players can still get hacked if they’re not 100% vigilant.

Encryption by Boxcryptor - Strong Security for the Cloud

The cloud enables teams to collaborate on shared files from anywhere in the world. Whether hosted internally or through a third-party provider, the cloud may very well be one of the biggest collaborative resources to date. Unfortunately, greater accessibility means an increased risk of data loss or theft. For some enterprises, this is a worst-case scenario.

Ten Cool Things Logsign SIEM Does

Easy deployment, an intuitive interface, and rule-based alerts, buckets, dashboards and reports are the factors behind the simplicity mindset at Logsign, which believes that “Simplicity is the ultimate sophistication”. The user interface that SOC teams use for threat and anomaly analysis has been designed to be easy to understand.

What to Do and What to Avoid When Implementing Security in the DevOps Lifecycle

DevOps is redefining the way organizations handle software development. But it’s also challenging security professionals in their efforts to manage digital risk. With that said, security teams need to be strategic about how they approach DevOps security. Here are some expert recommendations on what to do and what to avoid when implementing security in the DevOps lifecycle.

How to Protect Against a Ransomware Attack

In 2017, ransomware attacks increased by 90 percent, making ransomware the most prevalent variety of malware. Every organization should be thinking about ransomware protection and detection – because proper security is always more prudent than the costs of a ransom or lost time and data. Ransomware is changing and evolving – and so are network security offerings. Here are a few things you need to know to protect your business against a ransomware attack.

Alert Fatigue and Tuning for Security Analysts

Alert fatigue is a real problem in IT Security. This can set in at the worst time, when an analyst checks their tools and sees yet another event, or even another 50-100 events, after they just checked. They click through events looking for the smallest reason they can find to dismiss the event so they won’t need to escalate, or further investigate, the issue.

The Pitfalls Of Leaked Administrative Passwords

The most well-known type of system credential is the administrative, or root, password. These types of accounts are “administrators,” meaning they usually have total access to whatever system they belong to. Administrator accounts are used by your IT staff or contractors to manage the basic operations of a system. These operational tasks could include maintenance, data migrations, and other common IT work that requires elevated access beyond normal business use.