Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Why is an effective IPAM strategy crucial for enterprise networks?

As businesses expand, their networks become increasingly complex, encompassing on-premises devices, remote workstations, cloud services, and IoT devices. This growth, coupled with rising cloud adoption, puts immense strain on the process of maintaining a stable and secure infrastructure. In today’s hyper-connected world, even a brief network outage or security breach can result in significant financial losses, operational downtime, and reputational damage.

Refund fraud: what it is, why it's increasing, and how to stop it

Discover the many ways refund fraud shows up — and learn how to stop it. Shana is a product marketing manager focused on the Persona platform and marketplaces. You can usually find her running around San Francisco with a coffee in hand. Shana is a product marketing manager focused on the Persona platform and marketplaces. You can usually find her running around San Francisco with a coffee in hand.

Fueling the SOC of the Future with Built-in Threat Research and Detections in Splunk Enterprise Security

The cybersecurity threat landscape is ever-changing and evolving, with bad actors implementing increasingly sophisticated strategies to evade detection. However, many security teams struggle to adapt their detection strategies at the same pace. Supporting advanced threat detection requires organizations to invest in consistent threat research and detection engineering. Without that, they cannot develop the high-quality detections needed to target the latest threats.

The Need for Next-Generation Web Application Firewalls (WAFs) in Modern Threat Landscape

In today’s ever-evolving threat landscape, organizations face numerous security challenges that necessitate a shift from traditional web application firewalls (WAFs) to next-generation solutions. This article aims to highlight the failures of traditional WAFs, contrast them with the capabilities of next-gen WAFs, and emphasize the crucial need for API security in the current digital ecosystem.

A Secure VPC as the Main Pillar of Cloud Security

In 2019, the Capital One breach led to the exposure of 100 million customers’ personal data due to a misconfigured WAF. The incident ultimately cost Capital One over $270 million in fines and compensation, demonstrating the serious risks inherent in cloud security and highlighting the urgent need for robust security measures. As cloud adoption accelerates, public cloud services spend is expected to jump 20.4% versus 2023, reaching $675.4 billion this year.

Going beyond the standard: Announcing the State of Trust Report 2024 and VantaCon agenda

Building and scaling trust has become more difficult for organizations of all sizes. With more reliance on third-party vendors and AI technologies, security leaders face an increasingly complex threat landscape. However, many teams are left to manage this complicated landscape with screenshots, spreadsheets, and legacy solutions that rely on manual updates and limit them to point-in-time visibility into their security posture.

CSI Forensics: Unraveling Kubernetes Crime Scenes

This is the second episode of the CSI Container series, published and presented at CloudNativeSecurityCon 2024. In this episode, we focus on Kubernetes CSI, how to conduct DFIR activities on K8s and containers, and how to perform static and dynamic analysis. As we covered in the first episode, DFIR refers to the union of Digital Forensics (DF) and Incident Response (IR). We also highlighted how conducting DFIR activities in a container environment differs from the usual DFIR in a host environment.