Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SecOps

How to Encrypt S3 Buckets Automatically with Torq

S3 buckets without encryption can leave sensitive data exposed and at risk. As a best practice and to meet a number of industry and governmental regulations, it’s important to ensure that S3 server side bucket encryption has been properly applied at all times. To do this, many security teams rely on their Cloud Posture Security Management (CSPM) platform and/or AWS GuardDuty to monitor their AWS resources and provide alerts when an S3 bucket is found unencrypted.

Building Operational Efficiency in Your SOC with Better Visibility

As security operations leaders, we are burdened with a large responsibility. The expectation is that we can respond to alerts as soon as possible and be able to investigate immediately. It sounds simple, but in today’s cyber threat landscape we are faced with growing threat vectors and a sheer volume increase in overall alerts or notifications. Failure to respond quickly enough or investigate the right areas could result in huge impacts to the organizations we are responsible for.

Don't Leave Dollars on the Table: How to Find and Leverage Federal Funding

By now it’s become clear—hybrid and remote work are here to stay. This goes for employees in the government sector as much as it does for those in other industries. Along with increased flexibility, however, comes increased attack surfaces for security professionals to defend.

Collective Cybersecurity: A Shared Responsibility Model

The state of cybersecurity today is, in a word, catastrophic. Breaches have become endemic. Not only do they continue at dizzying rates, but they are actually increasing in frequency by the month. Why are things so bad? And why do businesses seem so helpless to make them better? Those are complicated questions without simple answers, of course – but I believe that a major part of the answer has to do with the fact that, at most organizations, security remains the domain of elite security teams.

Arctic Wolf's Canadian Survey Reveals 2022 Cybersecurity Challenges

Late last year, The Canadian Center for Cyber Security published an in-depth threat bulletin declaring it had knowledge of 235 ransomware incidents against Canadian victims from in 2021, with more than half of these victims being critical infrastructure providers. The report also explains that most ransomware events remain unreported to the Center, and—based on past findings—once targeted, ransomware victims are often attacked multiple times.

Open Source Cybersecurity: Towards a Democratized Framework

Today, anyone can contribute to some of the world’s most important software platforms and frameworks, such as Kubernetes, the Linux kernel or Python. They can do this because these platforms are open source, meaning they are collaboratively developed by global communities. What if we applied the same principles of democratization and free access to cybersecurity?

Top Cyber Attacks of January 2022

2021 broke new ground in terms of cybersecurity, and much was ground just as well left unbroken. With no indication that ransomware, data breaches, and assorted malware will go away soon, the new year is a time for organizations to get a fresh start and really fortify themselves against a widening field of threats. One month in, we've already seen a disturbing array of attacks, from those on political targets to distressing new malware to a breach of exceptional sensitive information.

2021 Data Breaches in Review: A Glimpse at the Most Damaging Cybercrimes of the Year

2021 was another record-breaking year for cyber attacks, with reports of massive breaches and huge ransomware demands dominating headlines. It’s a trend that does not seem to be slowing any time soon, either. Currently, there are thousands of vendors in the market, with over $130 billion spent annually on defense and yet, the number of breaches continues to rise. Arctic Wolf's 2021 Data Breaches in Review counts down the most noteworthy, high-profile, and damaging data cybercrimes of the year.
Sponsored Post

Fix the Broken State of Security with a "Security for all" mindset

Which cultural values empower businesses to thrive today? That's an open question, of course. But I suspect most employees, managers, and analysts would include items like collaboration, transparency, and creativity on the list of essential ingredients in business success. Indeed, you could argue that these values are at the core of a variety of modern organizational and technical innovations, from DevOps (which is all about collaboration) to open source software (which centers on collaboration and transparency) and the creator/maker movement (which is, of course, all about creativity).

The state of the SOC: skills shortages, automation and gaining context remain a challenge for SOCs

The security operations center (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past eighteen months. A 2020 study by Forrester found that the average security operations team receives more than 11,000 alerts per day and that figure is likely to have grown in the intervening period. While they were deeply engaged responding to the crisis, SOC teams were simultaneously facing the disruption common to all formerly office-based workers.