Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)

A wise person once said that you should use the lookup command before you go threat hunting. Or, as I hear it in my head, “Look it up before you go-go…hunting”, a la WHAM! In this must-read tutorial for hunting in Splunk, we’re looking at the lookup command, including what it does and how and where to use it for threat hunting. Let’s get started! (This article is part of our Threat Hunting with Splunk series. We’ve updated it recently to maximize your value.)

SafeBreach and Recorded Future: Operationalizing Threat Intelligence with Breach and Attack Simulation

Modern enterprises have adopted more offensive measures to protect their organizations from evolving cyber threats. As a result, many security teams are looking to breach and attack simulation (BAS) and threat intelligence (TI) tools to enhance their programs and work more efficiently.

Understanding the California IoT Security Law (SB-327)

In September 2019, California signed Senate Bill 327, also known as the California Internet of Things (IoT) Security Law. While not an extensively written piece of legislation like the California Consumer Privacy Act (CCPA), SB-327 took effect on January 1, 2020, and focuses on manufacturers of connected devices—requiring updated security standards that protect both devices and end-users.

Why cyber insurance should be part of any comprehensive risk management strategy

The recent rise of ransomware, attacks on supply chains and the increasing costliness of privacy regulations have made cyber insurance an important topic of discussion. But it can be tricky to keep up with cyber insurance requirements. One of the most robust ways to meet those requirements is with multi-factor authentication (MFA).

How to Dockerize a PHP application securely

Let’s say you’ve built a PHP application, but you want to separate it from supporting infrastructure in a way that keeps things lightweight, portable, and still quite secure. You’d like other developers to be able to work on it without having to recreate whole environments. In short, what you want to do with your application is containerize it — package it and its dependencies into containers that can be easily shared across environments.