Public sector organisations are in the middle of a massive digital transformation. Technology advances like cloud, mobile, microservices and more are transforming the public sector to help them deliver services as efficiently as commercial businesses, meet growing mission-critical demands, and keep up with market expectations and be more agile.

This is part of my two-part blog series about HALOCHAIN technology. In my previous blog, I wrote about the introduction to SECUDE’s HALOCHAIN technology (Patent Pending) and how it will revolutionize the digital trading business. In this 2nd and final part of my blog, I will write about how system administrator holds the key to the company’s most critical data and how HALOCHAIN technology can be used to mitigate the risks related to log file manipulations.

Members of the cybersecurity industry — including the Devo team — are gathering this week for the annual Black Hat USA conference in Las Vegas. Some will be present in person. Many others will participate virtually due to travel issues related to the pandemic. In either case, the latest edition of Black Hat, and its home city, have me thinking about cybersecurity and… gambling.

We are pleased to announce the general availability (GA) of Elastic 7.14, including our Elastic Enterprise Search, Observability, and Security solutions, which are built into the Elastic Stack — Elasticsearch and Kibana. Elastic 7.14 empowers organizations with the first free and open Limitless XDR, which delivers unified SIEM and endpoint security capabilities in one platform.

What is it about Devo that enticed you to join the company? If you look at my history, you’ll quickly realise I am passionate about two things: data and cybersecurity. One other passion that is not widely known is that I am a bit of a graph-processing fanatic. Solving problems in the modern security landscape isn’t just about collecting loads of data — which Devo does well — but how you can turn that data into actionable intelligence.

Let’s take a trip — back about eight years — when a Gartner analyst coined the term endpoint detection and response (EDR). He was describing security systems that both detect and investigate suspicious activities on computers and other devices and use automation to help security operations center (SOC) teams quickly identify and respond to threats. Since then, EDR has become a critical component of a modern security stack for organizations of all sizes.

Security Information and Event Management (SIEM) technology provides visibility across an organization's information security systems by collecting and correlating events from logs across many different sources. Security analysts use tools like a SIEM to go “threat hunting”. By correlating disparate events across systems, they can often detect Indicators of Compromise (IoC’s) that may otherwise go unnoticed on individual systems.

Deploying a SIEM requires strategic planning. When deciding on a deployment, an organization must consider the level of risk it is willing to assume, what its security priorities are, and which use cases to implement. From there, your security operations team must thoughtfully identify their inputs — the data the SIEM solution will gather — before rolling out anything. Otherwise, you won’t obtain your desired outputs to identify high-fidelity alerts to act on.

This is part of my two-part blog series about HALOCHAIN technology. In this introductory blog, you will get a glimpse of SECUDE’s HALOCHAIN technology (Patent Pending) and how it will revolutionize the digital trading business. In my next blog, I will write about how system administrator holds the key to the company’s most critical data and how HALOCHAIN technology can be used to mitigate the risks related to log file manipulations.