Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps you prioritize security issues and collaborate across teams to stay on top of your web asset security. This release is the first step towards broader asset tracking functionality in Detectify.

Among many other features Sysdig Secure version 2.4 introduces a new and improved runtime policy editor, along with a comprehensive library combining out-of-the-box run-time policies from our threat research teams, container-specific compliance standards, Kubernetes security and Falco opensource community rules.

Today, we are excited to announce the launch of Sysdig Secure 2.4! With this release, Sysdig adds runtime profiling to enhance anomaly detection and introduces brand new interfaces that improve runtime security policy creation and vulnerability reporting. These features are focused on upgrading the experience of creating your security policy to detect security threats and attacks to your infrastructure and apps.

In our recent article, we outlined the benefits of Security Information and Event Management (SIEM) systems, and why it is a must-have for every organization that operates in today’s cyberspace. It remains the best solution that proactively targets proliferating security threats, though SIEM also brings a number of risks and challenges. In this blog, we address these challenges and explain how they can be overcome by opting for SIEM-as-a-Service instead of on-premises or other options.

Cybersecurity breaches and regulatory compliance are this year’s themes. Marriott was sued and fined $124 million for their data breach back in 2014, according to The Wall Street Journal. Capital One leaked 100 million credit applications including Social Security Numbers. Both LabCorp and Quest Diagnostics exposed millions of patients’ medical records.

Deepfakes are the latest moral panic, but the issues about consent, fake news, and political manipulation they raise are not new. They are also not issues that can be solved at a tech level. A deepfake is essentially a video of something that didn’t happen, but made to look extremely realistic. That might sound like a basic case of ‘photoshopping’, but deepfakes go way beyond this.

When malware sneaks inside your network, it needs to communicate back to the internet whether to exfiltrate sensitive datasets it found, accept commands of its evil masters or even simply let them know it has successfully infiltrated your infrastructure (with ransomware being one of the rare exceptions that doesn’t need such connection).