In this digital era, more companies are encouraging or requiring employees to work from home. In addition to allowing employees to access the corporate network using their own devices, they are also turning to cloud computing, which is cost-effective and scales easily. However, not all of these organizations are prepared for the associated cloud security threats. Cloud providers often offer some protection capabilities, but their responsibility is primarily to ensure service availability.
When you rely on a third party API for your application's features, it is important that you can reliably expect them work. Knowing that their uptime will be consistent, or greater than your own, and knowing that their support will be available if you identify a problem, can go a long way in making your choice of APIs easier. In this article we'll look at the Service Level Agreement, or SLA, and how it protects both you and the provider in the event of an outage or problem.
Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.
So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE).
If you have been using a SIEM tool for quite a time, you will know that it can turn out to be a powerful security tool, if appropriately deployed. In your organization’s network, network devices such as IDS/IPS, firewalls, and routers generate a plethora of log data. Like these devices, there are many sources of data for a SIEM solution. The first barrier a SIEM encounters is normalizing the log data before it can detect and alert your team.
Gear up! The ITOM Podcast is back with an all new episode intended to help you surmount all your remote work challenges in an IT environment. In the last episode, we discussed VPN monitoring in detail, the challenges encountered while monitoring VPNs, and the key metrics to track to overcome those challenges. This week, we will deep dive into endpoint security and BYOD policies.
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users.