Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month has been full of new feature announcements, as well as various improvements to security team workflows. Read on to learn more about how you can leverage Nightfall's latest offerings.

DMARC, which stands for "Domain-based Message Authentication, Reporting and Conformance," is an email authentication protocol that protects your domain from domain spoofing and impersonation attacks. Implementing a DMARC policy in your domain's DNS records helps to protect your email recipients from spam and malware, while maintaining your domain and brand credibility.

DevSecOps, or secure DevOps, is the mindset in software development that everyone is responsible for application security. By integrating developers with IT operations and focusing everyone on making better security decisions, development teams can deliver safer software with greater speed and efficiency. In practice, DevSecOps can add some friction and hinder the development process.

In this blog, I’ll share a few NetOps observations of the Black Hat network that I made during my time serving in the Black Hat Network Operations Center (NOC). My hope in doing so is to spark some ideas on how you can use an existing tool like Zeek for a new purpose. These insights were particularly revealing, despite not being linked to any security incidents.

Modern business is synonymous with third-party relationships. Organizations now rely on external providers for critical services and outsource essential responsibilities to improve operational efficiency and cut costs. The benefits of third-party vendors are clear, but so are the risks. The average organization has expanded and digitized its supply chain over the last few years while simultaneously increasing its risk profile and subjecting itself to new levels of risk.

In order to help organizations more effectively secure their cloud environments, we are making changes to our Cloud SIEM product. As of December 4, Datadog has introduced a new offering in Cloud SIEM: Cloud SIEM 15-Months Retention, which automatically stores logs for 15 months after ingestion.

GitHub is a mission-critical software development and version control platform that is used to store proprietary source code and other sensitive data. Monitoring logs generated by activity in your GitHub environment can be useful, as unexpected patterns of behavior could indicate attacker activity or insider threats.

Line Messenger is a communication app that allows users to communicate for free by sending messages and making voice calls. Japan’s mega-corporation, LY Corp., owns them; LY offers a variety of lifestyle solutions, including shopping, business, gaming, and financial tech apps. LY purportedly discovered a breach at the beginning of October—although investigations are ongoing, the event may have exposed thousands.

In the fast-paced digital world, think of Application Programming Interfaces (APIs) as the threads that stitch together the fabric of our tech ecosystems. They're often overlooked, quietly ensuring that your apps communicate seamlessly and keep the digital world running smoothly. The majority of organizations grapple with a common challenge — limited visibility into their public API attack surfaces.

DevSecOps, also known as secure DevOps, represents a mindset in software development that holds everyone accountable for application security. By fostering collaboration between developers and IT operations and directing collective efforts towards better security decision-making, development teams can deliver safer software with greater speed and efficiency. Despite its merits, implementing DevSecOps can introduce friction into the development process.