Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Learn to Avoid Life Sciences Data Access Pitfalls

Data drives the life sciences. Data supports the development of new products and enables agile decision making. But for a field so completely reliant on data, the industry is struggling to find methods to adequately handle that data. Ideally, there would be centralized repositories where data is accessible, safe, and organized regardless of the format or size. Instead, there are numerous data silos spread among the different contributors to a specific project.

When Metrics and Logs are Unified, Good Business Ensues

If you’re reading this, you likely know what a log is, and what a metric is. But sometimes there are questions on their differences, whether you really need both, and if you should use dedicated solutions to manage each type. The answers? Yes, you need both; yes, they should be unified. Logs and metrics, aka machine data, are complementary.

Five Things You should Know About Enterprise Visibility

Data breaches happen daily, many of which go undetected for months and even years. In this environment, having visibility into assets across the enterprise is paramount. This critical security need is termed “enterprise visibility” and has become a household name across the industry. The concept can take on a variety of meanings depending on the stakeholder you may be dealing with across the enterprise.

Post-incident review and the big data problem

Across the board, security teams of every industry, organization size, and maturity level share at least one goal: they need to manage risk. Managing risk is not the same as solving the problem of cybersecurity once and for all, because there is simply no way to solve the problem once and for all. Attackers are constantly adapting, developing new and advanced attacks, and discovering new vulnerabilities.

10 Best SIEM Use Cases (Part 2)

SIEM security that is equipped with Artificial Intelligence (AI) and user behavior analytics can deal with internal threats. AI capabilities in SIEM help security professionals to automate tasks that are otherwise manual and repetitive. Doing so can also help to swiftly detect threats and suspicious activities in network traffic and event logs.

Understand GCP Organization resource hierarchies with Forseti Visualizer

Google Cloud Platform (GCP) includes a powerful resource hierarchy that establishes who owns a specific resource, and through which you can apply access controls and organizational policies. But understanding the GCP resource hierarchy can be hard. For example, what does a GCP Organization “look” like? What networks exist within it? Do specific resources violate established security policies? To which service accounts and groups visualizing do you have access?

NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management

On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.

To SIEM or not to SIEM?

Not investing in Security Incident and Event Management solutions means you’re missing out on significant business benefits. SIEM detects and responds to security incidents in real time, which reduces the risk of noncompliance. It also helps realize greater value across all underlying security technology and systems. Reporting with SIEM is more comprehensive and less time-intensive, helping to reduce capital and operational costs through consolidation.