Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Consuming Webhooks with Node.js and Express

Have you ever been building an application and thought: "I can make requests to this service's API, but is there a way for them to let my app know when X happens? You could try calling the API on a set interval. Take the response, compare it to the last, and go from there. This is polling, but it is inefficient and can be an easy way to hit rate limits. Instead, some APIs and services offer what's known as a webhook. Instead of contacting them, they contact you.

Using Auditbeat to protect your critical infrastructure

Beats are lightweight, purpose-built agents that acquire data and then feed it to Elasticsearch. Beats use the libbeat framework that makes it easy to create customized beats for any type of data you’d like to send to Elasticsearch. Auditbeat is a lightweight shipper from the Beats family that you can install on your servers to audit the activities of users and processes on your systems.

IBM and Sysdig team up to extend security governance with IBM Cloud Pak for Multicloud Management

Sysdig, an industry leader for monitoring and security of cloud-native workloads, and IBM have joined forces to bring a fully Integrated powerful platform that delivers the security and performance that enterprises need in today’s multi-cloud world. Sysdig Secure and the IBM Cloud Pak for Multicloud Management (MCM) can help you accelerate Kubernetes and cloud adoption by addressing security and regulatory compliance from the start on enterprise hybrid cloud environments.

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity practice, it is critically important to have this level of understanding across large swaths of the workforce, from the senior level to operations teams.

The Outcomes of SIEM and SOAR in 2019 (Part 2)

Integration is one of the most critical features that every security product should have. But, unfortunately, this is not a case when it comes to too many traditional security tools. The organizations that were using SIEM with having integration capability remained secure to a large extent. For example, an effective SIEM can inject Threat Intelligence Feeds (TIF) from multiple different sources.

Brexit and the GDPR - what the EU Withdrawal Agreement means for data protection in the UK

Following a long period of political turmoil, the UK government’s Brexit withdrawal bill has completed its passage through the House of Commons and received royal assent. While this deal is merely the starting point of the Brexit process, it sets into motion an intensive period of trade negotiations which, regardless of whether a deal is agreed or not, could have a significant impact on the way that UK organisations operate.

Reducing Cyber Risk With AI and User Behavior Analytics

At the end of 2019, Security Intelligence released a report on trends that should influence your security planning for 2020. Near the top of the list was the need for visibility, alignment, and analytics when it comes to cybersecurity. Leaders are coming to terms with the idea that being able to see, understand, and have reliable records of what users are doing with their corporate assets can provide valuable insights when trying to reduce cybersecurity risks within your organization.

Announcing the latest version of Security Monitoring for Splunk App

It’s been a while since I have had the pleasure of announcing a new version of Security Monitoring (September 2018), but today I am doing just that. There is nothing better to inspire spending your evenings coding and playing with Splunk than your partner watching shows that just don’t interest you! For my UK friends, yes ‘Love Island’ is that show and for my more international friends "look it up!". So, what updates did I bring?

Who Are the Digital Service Providers (DSP) under the NIS Directive?

In a previous article, we discussed what the NIS Directive is. The European Union developed the Directive in response to the emerging cyber threats to critical infrastructure and the impact cyber-attacks have on society and the European digital market. The NIS Directive sets three primary objectives: The “actors of particular importance” are the operators providing essential services (OES) and digital service providers (DSP) in the EU.