Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Proper implementation of a user and entity behavior analytics (UEBA) tool can solve lots of cybersecurity challenges by detecting well-hidden and slowly executed attacks, automating the analysis of alerts and logs, and speeding up incident investigation. It can even help you improve employee productivity. But implementing a UEBA solution also requires a lot of time and effort along with a clear understanding of how you are going to use it.

A successful breach can do serious damage to a business, costing a company millions of dollars in lost revenue, exposed intellectual property, downtime, reputation loss and fines. The right practices can help keep a company safe — but only if they know what threats to look for, and where their network is weakest. Cyber threat intelligence is the process through which companies identify weaknesses in their own networks.

Scraper bots make up the worst of bad bot traffic for the travel industry, with sites witnessing over 90% of traffic attributed to fare scraping. Whilst this activity can be benign or even used for positive means, if uncontrolled it can impact top line revenue, bottom line profits and customer experience.

While organisations frequently focus their security strategy on external risks, the trend of company employees being targeted by threat actors to help provide access is on the rise. In this blog post, we explore the growing issue, outline some recent examples and provide some key steps to take in response.

The number of data breaches has increased every year for more than a decade. Each incident costs companies time, money and resources to repair while inflicting often-irreparable damage to their brand reputation and customer loyalty. This reality only became more apparent during the recent pandemic as threat actors capitalized on the moment’s disruption and uncertainty to wreak havoc on our digital environments. In 2021, the number of data breaches is already on pace to reach a new record high.

There is a movement in the IT security world that is gaining traction, and it is based around the implementation of security within applications from the beginning. You may have heard buzzwords like “AppSec”, “DevSecOps” and “Shift Left”, but what do they actually mean? What does it take to “Shift Left” when developing a secure application? You can read about dealing with dependencies in our blog post.

Viruses are the hot topic of 2021. We’re not just talking about the COVID-19 virus. Computer viruses, identity theft, and threat actors are no longer just the subject of sci-fi films and crime shows, but a reality of running a business. More than ever, cybersecurity is top of mind for business leaders. Whether you are a Fortune-500 Company or just launching your first venture, no business is too big or too small to escape the realities of today’s cyber threats.

While October is famous for National Cybersecurity Awareness Month, and we provide resources and recommendations for our customers, really every month should focus on this business-critical topic. Given the frequency of Ransomware attacks, all industries need to be increasingly vigilant. This includes many aspects of cybersecurity, such as user training, endpoint security, network security, vulnerability management, and detection and response to incidents.

The Tsunami malware is back! Although it appeared for the first time several years ago, the Sysdig Research Team has just discovered a new sample of Tsunami malware targeting Jenkins and Weblogic services deployed in Kubernetes clusters. The Tsunami malware is a backdoor that gives the attackers full control over the infected systems. Indeed the targeted machines, once infected, communicate with an IRC server waiting for new commands to be executed.

As we wrap up Cybersecurity Awareness Month 2021, this week’s theme, Cybersecurity First, is all about making security a priority. To do this, many security operations teams are leaning into threat intelligence to understand specifically where and how to focus their efforts to better protect their organizations.