Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .

After a couple of hard-working months full of exciting strategic discussions following the acquisition of DFLabs by Sumo Logic that was concluded this May, we are surely moving forward and laying the groundwork for the future of our Cloud SOAR as a part of Sumo Logic’s Modern SOC Strategy.

Our mission is to create a force multiplier for SOC teams and security analysts so they can reduce the time to verdict or judgment while triaging new Insights. At Sumo Logic, we take a different approach than other SIEM solutions. We don’t just create alerts and leave the analyst to gather other artifacts to gain context. We associate and group alerts, or what we call Signals, to an Entity (IP, User, Hostname, etc...).

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

Information security is an exciting and rapidly growing field for individuals who are interested in protecting users and their data. In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.

Active Directory Certificate Services has been around for a long time, but resources for learning it are not great. As a result, it often has misconfigurations that are an increasing vector for attacks. In fact, SpecterOps released a whitepaper detailing a number of misconfigurations and potential attacks and providing hardening advice.

As organizations move their infrastructure to the cloud, payment data are being exposed unknowingly leading to high profile data breaches. Find out how the new guidance from PCI Security Standards Council (PCI SSC) and Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.

After being hit by a ransomware or phishing attack, it might be tempting for businesses to think the damage has been done and they can now focus on rebuilding. This is rarely the case. Research shows that 80% of organisations targeted by ransomware end up suffering another attack – and 46% are targeted by the same cybercriminals that hit them in the first place.

Cyberattacks are on the rise. The growing number of internet-connected devices and the value of business data means cybercriminals have more to gain than ever from breaking into a company’s network. It’s not uncommon for hackers to target operations of all sizes — meaning that any company holding onto important information needs defenses that will keep that data secure. These seven strategies are some of the most important cybersecurity tactics for a business to use.

Vigilant companies continuously review risks and their cybersecurity postures. They deploy active defense-in-depth measures and utilize the latest malware detection and mitigation techniques. However, there is one type of vulnerability that tends to fall through the cracks—insider threats. That’s because IT organizations often believe it’s management’s problem to address, while managers believe IT groups have insider threats under control.