Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Top 6 Security Threats in Cloud Computing and How to Mitigate Them

In this digital era, more companies are encouraging or requiring employees to work from home. In addition to allowing employees to access the corporate network using their own devices, they are also turning to cloud computing, which is cost-effective and scales easily. However, not all of these organizations are prepared for the associated cloud security threats. Cloud providers often offer some protection capabilities, but their responsibility is primarily to ensure service availability.

What is an SLA? API Service-Level Agreements and How to Find Them

When you rely on a third party API for your application's features, it is important that you can reliably expect them work. Knowing that their uptime will be consistent, or greater than your own, and knowing that their support will be available if you identify a problem, can go a long way in making your choice of APIs easier. In this article we'll look at the Service Level Agreement, or SLA, and how it protects both you and the provider in the event of an outage or problem.

The Core Enterprise Security Team Has Been Very Busy

Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.

Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities - The CWE Top 25 (2020 Edition)

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE).

How to Create & Customize Correlation Rules on Logsign SIEM

If you have been using a SIEM tool for quite a time, you will know that it can turn out to be a powerful security tool, if appropriately deployed. In your organization’s network, network devices such as IDS/IPS, firewalls, and routers generate a plethora of log data. Like these devices, there are many sources of data for a SIEM solution. The first barrier a SIEM encounters is normalizing the log data before it can detect and alert your team.

How to defend your IT assets while implementing BYOD policies: The ITOM Podcast [Episode 4]

Gear up! The ITOM Podcast is back with an all new episode intended to help you surmount all your remote work challenges in an IT environment. In the last episode, we discussed VPN monitoring in detail, the challenges encountered while monitoring VPNs, and the key metrics to track to overcome those challenges. This week, we will deep dive into endpoint security and BYOD policies.

Detectify security updates for 4 September

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users.