Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Upping the Auditing Game for Correlation Searches Within Enterprise Security - Part 1: The Basics

One question I get asked frequently is “how can I get deeper insight and audit correlation searches running inside my environment?” The first step in understanding our correlation searches, is creating a baseline of what is expected and identify what is currently enabled and running today. Content Management inside Splunk Enterprise Security is a quick way to filter on what is enabled (and it’s built into the UI and works out of the box).

ISO Audit Tips

During an internal International Organization for Standardization (ISO) audit, your company assesses its quality management system (QMS) to determine if it complies with ISO 9001. Companies use the ISO 9001 standard to demonstrate that they can consistently provide products and services that meet customer needs and regulatory requirements. Organizations also use ISO 9001 to demonstrate that they are continually improving their products, services, and processes.

Cloud security

There’s no doubt that the adoption of public cloud deployments has accelerated for most organizations recently. In fact, according to metrics released by Oracle recently, nearly half (49%) of all respondents to the Oracle and KPMG Cloud Threat Report expect to store most of their data in a public cloud by the end of 2020. Effectively managing the security and compliance of public cloud deployments can be tricky for many organizations.

Sysdig 2020 Container Security Snapshot: Key image scanning and configuration insights

Today, we are excited to share our Sysdig 2020 Container Security Snapshot, which provides a sneak peak into our upcoming 2020 Container Usage Report As containers and Kubernetes adoption continue to increase, cloud teams are realizing they need to adopt a new workflow that embeds security into their DevOps processes. Secure DevOps, a variation of DevSecOps, embeds security and monitoring throughout the application lifecycle, from development through production.

From Customer to Employee - A Tripwire Journey

Tripwire is very much household name within the cybersecurity community. It’s been around from the early days of creating intrusion detection software that would later be known as File Integrity Monitoring (FIM) all the way through to deploying a portfolio of products that focuses on SCM, Vulnerability Management, Asset Management, Industrial Cybersecurity and much more!

Security Execs' Advice on Overcoming the Challenges of Remote Work

At the outset of the global coronavirus 2019 (COVID-19) pandemic, many organizations decided to enforce social distancing by requiring that their employees begin working from home. This decision changed the fundamental way in which many employees were accustomed to working. It also created new security challenges for organizations that had larger remote workforces.

The Secret to Reducing False Positives: You will only be as good (and fast) as your data

As efforts increase to protect customers from card-present and card-not-present fraud, there is an increasing risk lurking for banks and retailers: false positives. According to KPMG’s 2019 global fraud survey, 51% of respondents reported a significant number of false positives resulting from current technology solutions and decreasing efficiencies in fraud detection.

Part One: How Well Do UK Businesses Understand Bots?

Data breaches are becoming increasingly common, with cyber criminals able to gain quick and easy access to usernames and passwords. Despite efforts to inform consumers about cybersecurity best practices, many still use the same weak passwords across multiple accounts. Netacea, along with independent researchers Coleman Parkes, recently carried out a survey 200 UK businesses to discover how well the bot threat is understood across travel, entertainment, e-commerce and financial services.

SCM: Understanding Its Place in Your Organization's Digital Security Strategy

Digital attackers can compromise a system in a matter of minutes. But it generally takes organizations much longer to figure out that anything has happened. In its 2020 Data Breach Investigations Report (DBIR), for instance, Verizon Enterprise found that more than half of large organizations took days or even months to detect a security incident. Such dwell time gave attackers all they needed to move throughout an infected network and exfiltrate sensitive data.