Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Top 5 Employee Monitoring Software For 2021

Employee Monitoring is the process of tracking employee activities such as app use, internet browsing, email communications, file transfers etc. An employee monitoring solution allows a business to keep an eye on its users so that they cannot put the organization in harm’s way intentionally or accidentally by leaking sensitive data, sabotage, fraud, theft or other miscreants.

Integrate Datadog Compliance Monitoring with your AWS Well-Architected workloads

Many of our customers rely on the Amazon Web Services (AWS) Well-Architected Framework as a guide to build safe, secure, and performant applications in the cloud. AWS offers the Well-Architected Review (WAR) Tool as a centralized way to track and trend adherence to Well-Architected best practices. It allows users to define workloads and answer a set of questions regarding operational excellence, security, reliability, performance efficiency, and cost optimization.

2021 Cybersecurity in healthcare

Breaches and cyberattacks are on the rise in the healthcare industry. The recent acceleration of digital technology and connectivity within Healthcare has led to significant patient care delivery improvements, more effective population health management, and better patient outcomes. With this increased technology and connectivity, however, comes increased exposure to cyberattacks that can impact patient care delivery, safety, and privacy.

Recommendations for monitoring SolarWinds supply chain attack with Sumo Logic Cloud SIEM

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.

How to Select a Third-Party Risk Management Framework

For many businesses, global third-party vendors have become an important source of strategic advantage and business value. Yet outsourcing is not without its risks. As reliance on third-parties continues to grow, so does the number of headline stories of regulatory action and reputational damage that arise from third-party breaches or failure. Those driving organizations need to reconsider how they approach, identify and manage third-party risk.

How to Secure Apache Tomcat 8 in 15 Steps

Apache Tomcat is the leading Java application server by market share and the world's most widely used web application server overall. Currently at version 8, the popular web server has not been without its security flaws, perhaps most famously publicized in this incident of aircraft hacking by security researcher Chris Roberts earlier this year. However, hardening Tomcat's default configuration is just plain good security sense—even if you don't plan on using it on your plane's network.

Defense in Depth: Why You Need DAST, SAST, SCA, and Pen Testing

When it comes to application security (AppSec), most experts recommend using Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) as “complementary” approaches for robust AppSec. However, these experts rarely specify how to run them in a complementary fashion.

Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan. The spyware, which we have named Goontact, targets users of illicit sites, typically offering escort services, and steals personal information from their mobile device. The types of sites used to distribute these malicious apps and the information exfiltrated suggests that the ultimate goal is extortion or blackmail.

5 Key Security Challenges Facing Critical National Infrastructure (CNI)

Digital threats confronting Critical National Infrastructure (CNI) are on the rise. That’s because attackers are increasingly going after the Operational Technology (OT) and Industrial Control Systems (ICS) that shareholders use to protect these assets.

Maximize Card Profitability and Sleigh Payment Fraud Attacks with Transaction Intelligence

It’s a busy season for card issuers, card networks and payment service providers. Transaction and purchase volumes are rising across mobile and online channels — with Black Friday and Cyber Monday e-commerce sales up 15% from last year. Despite this holiday season’s resilient e-commerce sales, organizations must continue to find ways to maximize transactions and card profitability in the face of reduced in-store purchase volumes, interest margins, fees and interchange revenues.