Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Innovating Security with Managed Detection & Response (MDR) and ChaosSearch

Managed Detection and Response (MDR) services occupy an important niche in the cybersecurity industry, supporting SMBs and enterprise organizations with managed security monitoring and threat detection, proactive threat hunting, and incident response capabilities.

5 Security Logging and Monitoring Mistakes to Avoid

As cybersecurity attack vectors evolve, security logging and monitoring are becoming even more important. Effective logging and monitoring enables organizations to detect and investigate security incidents quickly. Cloud-based attackers are getting more sophisticated, and often rely on stolen credentials to escalate privileges and move laterally within corporate IT networks.

Top Security Data Types: Exploring the OCSF Framework

In cybersecurity, it’s a big challenge to handle diverse data formats across various platforms. The Open Cybersecurity Schema Framework (OCSF) aims to address this by standardizing data security formats and simplifying the process of threat hunting. Major players like IBM, AWS and others are working together to standardize data with this open-source project, emphasizing its importance.

How to Threat Hunt in Amazon Security Lake

Establishing a proactive security posture involves a data-driven approach to threat detection, investigation, and response. In the past, this was challenging because there wasn’t a centralized way to collect and analyze security data across sources, but with Amazon Security Lake it is much simpler.

5 Proactive Security Engineering Techniques for Cloud-Native Teams

Developing a proactive security strategy can potentially save an organization millions of dollars per year. According to IBM, the average cost of a data breach in 2023 added up to a staggering $4.45 million, up 15% over the last three years. This is especially true for cloud-native environments, which face unique security challenges due to their dynamic nature.

Threat Hunting Frameworks and Methodologies: An Introductory Guide

Establishing an effective cyber threat hunting program is among the top priorities of enterprise security leaders seeking a proactive approach to detecting and counteracting potential threats. Furthermore, implementing a proactive threat hunting program, security teams that leverage formalized frameworks or threat hunting methodologies are far more likely to detect vulnerabilities or in-process malicious activities in their environments than those that do not.

SIEM Logging for Enterprise Security Operations and Threat Hunting

Today’s enterprise networks are diverse and complex. Rather than the simple network perimeter of old, bad actors can attack through multiple entry points, including cloud-based applications. Not to mention, these networks generate massive amounts of transactional data. Because enterprise networks have become larger, they’re more difficult to secure and manage.

Can You Use the ELK Stack as a SIEM? A Fresh Take

A SIEM system (Security Information and Event Management) is often used by security operations centers (SOCs) for real-time detection of suspicious activity and security events. While some teams choose to adopt a purpose-built SIEM, others rely on the same DevOps tools they are already using for tasks like troubleshooting and operational log data analysis.

Data Retention Policy Guide

Data retention policy will become a major focus for CIOs in 2021. Here’s why: First, enterprise organizations are producing larger volumes of data than ever before and utilizing enterprise data across a wider range of business processes and applications. To maximize its value, this data must be managed effectively throughout its entire life cycle - from collection and storage, through to usage, archiving, and eventually deletion.