As the world experiences the AI gold rush, organizations are increasingly turning to enterprise AI solutions to gain a competitive edge and unlock new opportunities. However, amid the excitement and potential benefits, one crucial aspect that must not be overlooked is data security — in particular, protecting against adversarial attacks and securing AI models. As businesses embrace the power of AI, they must be vigilant in safeguarding sensitive data to avoid potential disasters.

When I started Resurface, my core thesis was that web and API security brought unique requirements requiring purpose-built data systems. Using Splunk at scale for API monitoring was/is prohibitively expensive. Using Hadoop or Kafka requires a nerd army to run at any scale. Few data platforms include a mature web or API monitoring model, so this has to be custom-overlaid at significant expense.

SIEM (security information and event management) migration is rarely easy. However, when budget constraints, performance issues, or new requirements to further reduce organizational risk lead you down that path, it’s often a good idea to investigate ways to simplify the process. Elastic® and Cribl® have partnered to provide our customers with tools that simplify the process and provide ongoing value to your security operation.

This blog is the first post of a two-part series. Part 1 talks about the concept of a nation-state and then provides a high-level overview of Locked Shields — the world's largest cybersecurity exercise — and its increasingly important role in promoting cyber warfare readiness for NATO member states and partners. Part 1 also outlines the steps taken by nations to prepare for a cyber warfare exercise.

Networks are the data highways upon which you build your digital transformation infrastructure. Like interstate highways transmit goods, networks transmit data. Every connected user and device is a network digital on-ramp. When malicious actors gain unauthorized access to networks, organizations must detect and contain them as quickly as possible, requiring security analysts to embark on a digital high-speed chase.

Within the security community of late, the focus has been on “shifting left”, and while that has merit, it is somewhat myopic missing some of the realities of defense in practice. Instead, I propose a simple framework to help guide initiatives that will “level up” defenses and greatly improve security postures wholistically. Some license is taken in terminology in order to keep things simple, memorable, and applicable.

Indusface WAS integrates with all major Security Information & Event Management (SIEM) providers that integrate with Amazon S3. With this integration, you can push logs from Indusface WAS into leading SIEM providers like SumoLogic, RSA, Splunk, and McAfee. Given the complexity of modern architectures encompassing multiple security devices and environments, organizations increasingly rely on SIEM solutions.