Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One of the primary debugging tools for a cloud-native developer is the simple, humble log file. Some malfunctioning systems can be impossible to debug without them. FluentD is an open source log collector that provides unified log processing across multiple emitter systems, either on the same logical device or separate devices. For example, on a single k8s pod, logs are emitted from the pod itself, the container running in the pod and the microservice running in the container.

As we look towards 2023, it is important to gain insight from top cybersecurity experts on the emerging threats and trends in the field. In this interview series, we spoke with four leading CISOs in order to gain their perspective on the threats, trends, and their personal goals as CISOs in 2023. Meet our panel of distinguished CISOs who will impart their foresight and guidance on the future of cybersecurity in 2023. ‍ ‍

Established in 2006, CREST, or Council of Registered Ethical Security Testers is a non-profit membership body. It aims to vet both cybersecurity-providing organizations and security-testing individuals on their capacities, processes, and the standard of services provided. One of the accreditations provided by CREST is vulnerability assessments provided by companies. They are then differentiated as CREST vulnerability assessments.

2023 has started off with an incredible bang. If you’re in the cybersecurity industry, you might be looking to learn more about the upcoming trends in cybersecurity, connect with like-minded peers, and expand your network.

Last month, over the holidays, we witnessed multiple vendors experience security breaches of varying levels of severity. From LastPass and Okta to Slack and CircleCI, the news has been filled with headlines reporting on the aftermath of these incidents. We wanted to briefly cover these stories and discuss their implications for you in the current year.

Security teams can greatly strengthen their cyber resilience by adopting a left-of-bang strategy.

Last week, T-Mobile disclosed that the personally identifiable information (PII) of 37 million of its past and present customers had been breached in an API attack. They also shared that the attack had been going on since November but was only caught January 5 by T-Mobile’s security team. Coverage of the attack has been swift, far-reaching, and harsh, as this represents T-Mobile’s 8th breach since 2018.

In our new threat briefing report, Forescout’s Vedere Labs analyzes the Royal ransomware threat actor group and encryptor payload, presents threat hunt opportunities for network defenders and shares details of the group’s tactics, techniques, and procedures (TTPs).

In the world of cybersecurity, the spotlight often shines on protecting applications, networks, and individual accounts. Application programming interfaces (APIs), on the other hand, present their own set of challenges to secure. APIs account for a significant portion of internet traffic and handle massive amounts of information from a wide variety of programs and applications; consequently, they make for an appealing target in the eyes of cybercriminals.

In our post-pandemic world, more and more individuals are splitting their time between the corporate office and their home office or working remotely full-time. This shift is blurring the lines between professional and personal cyber hygiene and privacy, which can pose a significant risk to organizations.