Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Amazon Simple Email Service (Amazon SES) is a cloud-based provider for sending transactional, marketing, and newsletter emails. Because of its role as a source of communication for organizations, Amazon SES has become a primary tool for phishing campaigns. Our latest threat roundup includes a key finding that Amazon SES is a common target in the initial stages of a cloud control plane attack.

One of the primary challenges with developing in the cloud is knowing which areas of your environment are vulnerable to risks. In order to efficiently identify and respond to legitimate risks, you need real-time visibility into security events. But traditional security platforms are costly and often standalone, which means they may create gaps in visibility.

Risk assessment requires context. One of the primary challenges with protecting cloud environments is understanding how certain activity can lead to risk. Risky behavior can be categorized as any activity or action that increases the likelihood of an attack in your cloud environment. While certain activity may not be malicious on its own, it can expand an environment’s attack surface or indicate post-compromise behavior.

Log management becomes more challenging as both log volume and diversity rapidly grow. Yet many companies still rely on legacy log management and SIEM solutions that aren’t designed to cost-effectively or securely handle the large scale of logs today coming from sources both in the cloud and on premises.

Azure Backup Vault, Azure Recovery Services Vault, and Azure Site Recovery make up Microsoft’s core suite of data protection and disaster recovery services. Azure’s vaults enable customers to store backups of entire Azure VMs, on-premise workloads, and workloads from Azure services such as Azure SQL Database, Azure Blob, and Azure Database for PostgreSQL. Azure Site Recovery integrates with Azure Recovery Services Vault to extend its backup services to support disaster recovery.

Security is essential to cloud-based development, but integrating it into dynamic, distributed environments is difficult. Factors like complex architectures and operational constraints often create roadblocks, which makes it harder to enforce security policies and mitigate threats. These challenges are especially apparent within security organizations, where siloes limit their ability to keep pace with the larger organization as it scales.

Modern cloud architectures are increasingly distributed, with applications and services spanning multiple regions to improve availability, reduce latency, and support disaster recovery. Many of our customers rely on solutions like Virtual Private Cloud (VPC) peering, Network Address Translation (NAT) gateways, and AWS Transit Gateways to securely send telemetry to Datadog across regions. These methods work but can add complexity, increase costs, and create potential security risks.

In today’s digital economy, businesses that handle credit card transactions must prioritize security to protect customer data and maintain trust. Cyber threats that target payment information continue to evolve, making it essential for organizations to implement strong security controls. The Payment Card Industry Data Security Standard (PCI DSS) was created to establish a set of best practices for securing cardholder data.

Monitoring the health of your infrastructure and services requires you to understand the performance of fundamental system processes. But particularly in large environments, the sheer volume of processes can make their performance and resource usage difficult to track, let alone troubleshoot.

As security threats increase in complexity and scale, modern SIEM solutions are becoming key choices by CISOs for consolidating security monitoring and incident response. Organizations relying on Google or Google Cloud infrastructure are increasingly adopting Google Security Operations (SecOps) to unify their security stack and workflows.