Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine you’ve protected your production Google Cloud environment from compromised credentials, using MFA and a hardware security key. However, you find that your GCP environment has been breached through the hijacking of OAuth session tokens cached by gcloud access. Tokens were exfiltrated and used to invoke API calls from another host. The tokens were refreshed by the attacker and did not require MFA. Detecting the breach via Stackdriver was confusing, slowing incident response.

Today, data analytics, automation, connectivity, and remote monitoring have made great progress and have brought innovations in every sphere of modern civilization. The digitization in day-to-day human activities has been revolutionized by the Internet of Things (IoT). Based on Gartner’s Forecast database, we can expect that there will be approximately 14 billion devices connected to the internet by 2022. With more devices connected, it will change the way we do business and use resources.

There is a story from years ago about a warehouse network of computers that was separated from the main network. Those machines were running older OSes. But since they weren’t connected to the company network, didn’t hold company data, and only ran the warehouse machines, they were deemed secure. One day, the sysadmin noticed that all of those computers had a glitch at the same time. He remotely rebooted and went back to his desk. But they all glitched again. What happened?

Payment fraud is exploding. So are false positives, customer friction and investigation costs. Unfortunately, as customers continue to pull us down the river of rapid digital transformation, traditional fraud detection systems are being left in the sand.

Security teams can’t defend what they can’t see. As organizations move more workloads to the cloud, security teams need added visibility into these new workloads or risk having blind spots that lead to compromise. In the first installment of our "Getting Data In" webinar series, "Modernizing your SOC for the Cloud Age Starts with Security Foundations," we demonstrate how to quickly and easily onboard data into Splunk Cloud.

In March when businesses enforced a work-from-home policy because of the pandemic, many probably thought the move would last a few weeks or so. Well, here we are, in the heat of the summer or depth of winter, depending on your hemisphere, and some businesses are still working remotely, while others have made the return to the office.

Gone are the days when security teams could focus all of their efforts on keeping attackers out of the network. There’s no inside or outside anymore. The modern network is porous; it allows greater numbers and types of devices to connect to it from all over the world. This characteristic might serve organizations’ evolving business needs as they pursue their respective digital transformations. But it complicates their security efforts.

Data breaches and data loss have been the worst nightmares of the organizations. That is why being able to act proactively and ensure the security of your data has utmost importance. In this article, we will discuss which DLP method you should employ.

The age of the digital nomad is here, and people realize that working 9 to 5 within the confines of an enterprise office isn’t the only way to make a living. Today’s technology allows people to work anytime and anywhere. Even within an office environment, work is often largely carried out online.

Accidents or mistakes are bound to happen. Even if healthcare providers and business associates are compliant to HIPAA Standards, there is always a possibility of unintentional or accidental disclosure of Protected Health Information (PHI). Accidental disclosure of PHI includes sending an email to the wrong recipient and an employee accidentally viewing a patient’s report, which leads to an unintentional HIPAA violation.