Armed with innovative techniques, cyber attackers today come from various organized cybercrime groups, foreign intelligence services and other competitor organizations. With more sophisticated attacking techniques developed daily by such attackers, organizations must know their purpose and behaviors in advance — and devise strategies to avoid them. Cyber counterintelligence is an effective way to improve your cybersecurity posture.

After having accelerated cloud and digital transformations during the pandemic, manufacturers might be forgiven for wanting to take a pit stop. But there is no time to slow down and rest on their laurels. On top of inflation, energy price shocks and economic uncertainty the technology landscape is shifting, faster than ever before — and so are the new kids on the block such as massive cyberattacks and sustainability imperatives.

Freshen up how you build security into the software pipeline. In this article, we’re looking at the seven core principles of DevSecOps: Let’s get started.

In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.

With the rapid expansion in both scale and variety of technologies in modern business systems, there comes a need to further secure those technologies to prevent nefarious actors from causing havoc. The expanding data landscape creates a much larger attack surface for bad actors to exploit, and as a result leaves many organizations at risk from theft, fraud or other undesirable behavior.

Event correlation tools are a fundamental instrument in your toolbox to detect threats from all sources across your organization in real time. A wise use of the right event correlation techniques through log management and analysis is the cornerstone of any reliable security information and event management (SIEM) strategy – a strategy that focuses on prevention rather than reaction.

Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks.

This post covers how to ingest data into CrowdStrike Falcon® LogScale from your MacOS platform using Python. This guide is great for setting up a one-node proof of concept (POC) so you can take advantage of LogScale’s free trial. Before you can write your ingest client, you must prepare a good foundation. That means preparing your MacOS instance via the following steps: Ready? Let’s get started.