Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Automatic Deprovisioning of users for Okta IdP

Splunk has implemented SCIM (System for Cross-domain Identity Management), a standardized protocol designed for efficient and secure management of user identities across various systems. With the release of this feature, Splunk customers can automatically deprovision users within Splunk when a user(s) are removed from the customer’s Okta Identity Provider (IdP) with following benefits for the customers.

How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks

Earlier this month, the U.S. Department of Justice’s Office of the Inspector General released a report on how the Department could improve its approach to combat ransomware attacks. The report included an audit and evaluated the Department’s strategy to respond and counter ransomware attacks during a two-and-a-half-year period from April 2021 through September 2023.

The Road Taken: Pathways to Better Compliance

Ralph Waldo Emerson, the renowned American writer, lecturer and philosopher, is often credited with the phrase “It’s not the destination, it’s the journey.” Legal, Compliance, Risk and Security professionals would be wise to consider Emerson’s wise words and philosophy. The path to optimal compliance outcomes and practices is long and full of twists and turns – with new and increasingly complex rules, regulations and legal regimes.

Trustwave Adds a Twist to Cybersecurity Awareness Month: More Security!

October 1 marks the start of Cybersecurity Awareness Month and traditionally Trustwave has discussed the general security concepts highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), and National Cybersecurity Alliance (NCSA). However, this year Trustwave will take a slightly different approach. In the same vein that one can never have too much cowbell, Trustwave believes there is no such thing as too many security tips.

Breaking Down the OWASP Top 10 API Security Risks 2023 (& What Changed From 2019)

The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades. The 2019 list was the first edition of the OWASP API Security Top 10. The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. With that in mind, it also helps our security teams to ensure that they have adequate coverage for security testing.

Why the disaster recovery strategy my company has always used may not be enough.

Is my organization’s disaster recovery strategy ready for today’s uncertain cyber landscape? Your company has determined the recovery point objectives (RPOs) and recovery time objectives (RTOs) for all systems. You have also implemented solutions to achieve these goals. Your organization routinely performs successful Disaster Recovery (DR) tests meeting your established expectations and objectives.

How To Ensure Data Integrity

You can ensure data integrity in your organization by enabling data encryption, investing in a password manager, regularly backing up your data and implementing strict access controls. Data integrity ensures that your data is accurate and complete, meaning it hasn’t been changed, removed or stolen by an unauthorized user. Continue reading to learn why data integrity is important and how your organization can ensure your data is accurate, complete and consistent.

Facebook Marketplace Scams To Avoid in 2024

In 2024, you should avoid several Facebook Marketplace scams, including those related to mobile payments, gift cards, stolen items and rental properties. Facebook Marketplace is part of Facebook and it allows you to buy or sell items from local individuals or small businesses. Since some Facebook Marketplace transactions occur online, there are various ways you could fall victim to these types of scams.

Critical Vulnerabilities Uncovered: How Bitsight Delivered Fast, Actionable Insights in Under 24 Hours

The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in under 24 hours.

Faster threat detection, stronger security: The Kibana advantage

In the world of security, every second counts. A shorter mean time to detect (MTTD) translates to less damage, increased customer trust, and a greater likelihood of securing cybersecurity support. An important factor in achieving this rapid response is the power of an intuitive and user-friendly interface.