Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Hunt for cloud session anomalies with Cloud SIEM

In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.

Selecting SIEM Tools - Questions to Consider

So, you’ve done your homework. You’ve clearly defined business requirements, and you think you want to implement a Security Information and Event Management (SIEM) solution into your organization. Cloud migration and remote work have changed the way threat actors attack, and it feels like every day you read about a new methodology. While a lot of companies added a SIEM to their cybersecurity technology stack, you’re not sure whether you can afford one.

NEW! Elastic Security 8.13: Manage benchmark rules and automated endpoint responses

Elastic Security 8.13 introduces a refined benchmark-rules experience, advanced endpoint response actions, and a suite of enhancements to help users continue to accelerate their security program. Some of the major features included in this release enable users to: Elastic Security 8.13 is available now on Elastic Cloud — the only hosted Elasticsearch offering to include all of the new features in this latest release.

Security Misconfigurations: A Deep Dive

Managing configurations in a complex environment can be like playing a game of digital Jenga. Turning off one port to protect an application can undermine the service of a connected device. Writing an overly conservative firewall configuration can prevent remote workforce members from accessing an application that’s critical to getting their work done.

Guarding the game: securing digital playgrounds

Imagine needing to stop a playoff game because viewers were actively impacting the sport, helping players catch impossible passes or score points they never should have gotten. That’s the equivalent of what happened when an Apex Legends hack during the North American finals interrupted the tournament and raised cybersecurity concerns for everyone involved. With global esports a billion-dollar industry, and competitive video gaming in general worth much more than that, this has a serious impact.

Why Real-Time Analytics Are Vital to Your Security

Time is a luxury your SOC can’t afford to waste. To keep your SOC efficient and effective, real-time analytics are crucial. Modern security data platforms give your team this ability by not indexing data on ingest, which ensures that security data is available for immediate analysis and allows your SOC to react swiftly to threats. Here are some of the other reasons why real-time analytics help keep your organization secure.

NIST CSF V2: What's Hot and What's Not!

NIST is to the US government what The Watcher is to the Marvel universe. In theory, it should simply observe the world around it, but in reality, it responds to evolving threats through interference. Despite the buzz around the update to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), you might find it hard to say that any compliance falls under the category of “hot.”

Is Your SIEM Data Ingestion Keeping Pace?

The ability for your SIEM to ingest data at scale is critical, especially in a world where threats target a vast array of attack surfaces. Ensuring full visibility of all log data is paramount, and you need a SIEM that can ingest any event, in any format, to effectively hunt for threats. Remember, you can’t secure what you can’t see. Whether you’re taking a close look at your current solution or evaluating new potential vendors, here’s what to consider around SIEM data ingestion.

Secure data is superior data: A security-first approach to the DoD Data Strategy

The US Department of Defense (DoD) has vast reserves of data, and the key to warfighter advantage is leveraging relevant data as a strategic asset to gain battlespace operational advantage, accelerating operational multi-domain decision-making at echelon scale.