Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Almost every day we hear of another data breach. There has been no shortage of headline-hitting breaches here in Australia, such as Medibank and Optus. The old-school method of ransomware encrypting any data it has access to and requesting a ransom for the decryption key to restore data has evolved. It is now a more insidious and far-reaching problem involving bad actors exfiltrating data and requesting a ransom to keep from exposing that data publicly.

Firewalls are the first line of defense in any network. Firewalls can be software or appliances, and organizations can configure them up to allow or disallow some or all IP traffic, or to verify specific traffic types based on rules that use deep packet inspection. For maximum effectiveness, it’s critical to monitor the operation of your firewalls to spot threats and misconfiguration.

Many organizations today have strict data privacy regulations that they must comply with. These privacy regulations can often clash with the requirements of security, application and operations teams who need detailed log information. At Graylog, many of the organizations who use our tool are logging sensitive data that may contain personally identifiable information, health related data or financial data.

Organizations need real-world protection from malware, but how do you know what you’ll get for security coverage in advance of purchasing a product? AV-Comparatives offers a comparison as an independent organization performing systematic testing that checks whether security software lives up to its promises. They create a real-world environment for accurate testing.

SIEMs have come a long way since they first debuted in the security operations center (SOC) well over a decade and a half ago. Today, next-gen SIEMs are far more advanced than early systems, which merely gathered and logged data from different sources. Now, SIEM software can deliver comprehensive insight into network security and data protection by looking for anomalous activity that could indicate compliance, performance and security issues.

Elastic Security for SIEM continues to be recognized by leading industry analyst firms It’s that time of the year… and we’re not talking about the holidays. That’s right, it’s analyst report season. Elastic continues to be recognized by leading industry analyst firms. Today, Forrester Research recognized Elastic as a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022. Elastic had the highest score in the Wave in the strategy category.

Security vendors seem to have a complicated relationship with the MITRE ATT&CK(™) matrix. With one hand, they hold it high as a powerful resource, and with the other, they criticize some aspect of it. But regardless of your viewpoint on any given day, ATT&CK is one of the most important resources for improving your understanding of threat capabilities and aligning those to technical controls, countermeasures, or mitigations.

From on-demand healthcare services like telehealth to wearable technologies, predictive healthcare to blockchain technologies for electronic health records, or 5G for healthcare services to AI and augmented reality for state-of-the-art medical treatments, the healthcare industry is at an inflection point. These digital transformations also bring along elevated cybersecurity risks.

Splunk has been named a Leader in the IDC MarketScape: Worldwide SIEM 2022 Vendor Assessment (doc #US49029922, November 2022). We believe this recognition is a testament to our commitment to delivering a best-in-class, data-centric security analytics solution that helps our customers accelerate threat detection and investigations, and achieve cybersecurity resilience.