Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When looking for programmatic secrets, it’s not easy to figure out what is truly sensitive and how high-risk it is. There are many different types of secrets and credentials, and the context makes a difference. For example, there could be public URLs with tokens in them, public UUIDs, or credentials used in frontend code — these could all be considered API keys or secrets, but not necessarily at the same degree of sensitivity/severity as something like AWS credentials.

Elastic is pleased to announce that we have recently achieved the AWS Security Independent Software Vendor (ISV) Competency Partner status with specialization in Threat and Detection Response (SIEM, SOAR, and XDR). This recognition highlights our commitment to providing you, our customers, with advanced security capabilities that can help you protect your sensitive data and applications in the cloud.

Security information and event management (SIEM) tools do a huge amount of security heavy lifting. A central record of millions of events, security operation centres (SOCs) rely on SIEMs for everything from compliance to threat detection and response. But as anyone who has ever worked in a SOC will testify, SIEMs have blindspots and problems—lots of them (Read our Head of Technology, Brad Freeman’s account of using a SIEM).

Your digital footprint, also known as a digital shadow or electronic footprint, encompasses the traces of data you leave behind while navigating the online world. This includes your visited websites, sent emails, and submitted information. By understanding digital footprints, we can effectively track online activities and devices associated with individuals.

Zero Trust is the new Buzz word in the cybersecurity arena. Ever since, Forrester Analyst, Kindervag introduced the term Zero Trust in his article “Zero Trust Architecture”, traditional security measures have become obsolete. Zero Trust is a security framework that is based on an “I Trust No One” principle; it doesn’t matter if the user is within or outside the organization. A user is not granted access unless he/she is authenticated and authorized first.

Launching a mobile app in Bahrain, whether for iOS or Android, requires careful consideration of security measures. According to the World Bank, mobile phone penetration in Bahrain reached 131% of the population in 2021. This indicates that there were more mobile phone subscriptions than the total population, suggesting that many individuals in Bahrain own multiple mobile devices or have multiple subscriptions.

While cyberattacks have been on the rise in recent years, one of the biggest threats to organizations’ cybersecurity is fatigue in the IT team, which leads to burnout syndrome. Gartner predicts that half of security managers will change jobs by 2025 due to industry-wide burnout. A recent study reveals that 66% of cybersecurity professionals in Europe claim to have experienced fatigue during 2022. In addition, 51% say they have worked more than four hours extra a week above their scheduled hours.

Cyber risk is everywhere. From credential theft to misconfigurations to vulnerabilities and even phishing attempts, there are cybercriminals poking and prodding at organizations from every angle. This means that organizations not only need to up their cybersecurity, but they also need to think about it in terms of risk and how to holistically mitigate that risk — from identifying threats to protecting against them and responding to them.

The US healthcare sector continues to be aggressively targeted by ransomware operators. Royal and BlackCat are two of the more recent – and highly sophisticated – ransomware threats. These two new flavors of ransomware pose serious potential impacts on the healthcare sector, but there are appropriate mitigation and defense strategies that organizations can take to protect against them.

How many internet-connected devices do you own? If you took a quick inventory around your house, you may be surprised at exactly how many there are. Have you ever wondered how they all communicate, not only with each other, but with the internet as well? This is, in part the result of technology known as IP addressing.