Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

While we are a long way from implementing Skynet, using machine learning combined with automation to make real-time decisions is here. In a recent talk at Sumo Logic Illuminate, Dave Frampton, General Manager of Cloud SIEM and Security Analytics, discusses the future of security with Vijaya Kaza, Head of Engineering and Data Science for Trust & Safety and Chief Security Officer at Airbnb. Kaza describes how automation, machine learning and AI can strengthen a company's overall security posture.

Gartner made an interesting prediction just a few years ago: “Through 2025, 99% of cloud security failures will be the customer’s fault.” Practically every single cloud security failure can be fairly described as a misconfiguration of one kind or another. The 2025 end is kind of arbitrary, really; the prediction is likely to be true until the end of time. In my previous article, I discussed targeting these misconfigurations at their root.

In our last blog post How to Pass a FedRAMP Audit for SaaS Providers: Part 1 , we looked at what FedRAMP is and why it matters for SaaS providers. We also discussed a success story with one publicly traded Teleport SaaS customer who used Teleport to pass their FedRAMP audit.

A decade ago, many were reluctant to move to the cloud. Many felt like they would have to relinquish controls they had within their perimeters. That sentiment has since reversed, where organizations have become more comfortable with cloud technology. The newest concern is about corporate data leaving the cloud, especially as employees expect to work from anywhere. Software-as-a-service (SaaS) applications have enabled people to stay productive from anywhere, but have also amplified security gaps.

According to Germany’s Federal Office for Information Security (BSI), the country faces a grave and growing threat as society becomes more digitally connected and criminals more sophisticated. The BSI said threat levels have reached red alarm levels.

In this tutorial, we will create and deploy a server that scans files for sensitive data (like credit card numbers) with Nightfall’s data loss prevention APIs and the Flask framework. The service ingests a local file, scans it for sensitive data with Nightfall, and displays the results in a simple table UI. We’ll deploy the server on Render (a PaaS Heroku alternative) so that you can serve your application publicly in production instead of running it off your local machine.

In this tutorial, we will create and deploy a server that scans files for sensitive data (like credit card numbers) with Nightfall’s data loss prevention (DLP) APIs and the Flask framework. The service ingests a local file, scans it for sensitive data with Nightfall, and displays the results in a simple table UI. We’ll deploy the server on Render (a PaaS Heroku alternative) so that you can serve your application publicly in production instead of running it off your local machine.

In Elastic Security 7.16, multiple new out-of-the-box data integrations for Elastic Agent streamline data ingestion and normalization, powering security operations. The release also introduces full production support for several existing data integrations. Version 7.16 introduces an expanded set of malicious behavior protections, addressing methods related to initial access, privilege escalation, and defense evasion.

Cybercrime is a relevant threat any time of year, but especially during the holidays. The FBI recently issued a warning about rising ransomware attacks on holidays and weekends, a trend that is far from new but growing. As cybercrime continues to rise, holiday cybersecurity needs to improve. Many of the largest cyberattacks, including the Colonial Pipeline attack, have happened over various holidays. Smaller attacks tend to increase around these times of the year, too. Here are six reasons why.

From stealing sneakers to pinching PlayStations, bots are increasingly earning a reputation for being nefarious and disruptive – none more so than bots deployed by state actors to wield significant geopolitical influence. The Arab Spring, Brexit, and recent US presidential elections have all been victim to carefully orchestrated bot attacks from myriad geopolitical actors.