Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

This Month in Datadog: App Builder, updates to Vulnerability Management and App Security, and more

Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events. To learn more about Datadog and start a free 14-day trial, visit Cloud Monitoring as a Service | Datadog. This month, we put the Spotlight on Datadog App Builder.

Why Am I Getting So Many Spam Calls?

You may be receiving an increase in spam calls if your phone number is on the dark web or people search sites, if you’ve answered spam calls in the past or if your phone number was leaked in a data breach. Spam calls are unwanted calls that could be from telemarketers, robocallers or scammers. Although some spam calls are simply unsolicited, scam calls fall under the category of spam calls but are different due to their malicious nature.

Account Takeover Protection: What It Is and How It Combats ATO Fraud

Think about how many employees work at your organization. Now think about how many sensitive files each one can access. A single compromised user account could lead to an extortion scam, a ransomware attack, or even a data breach. If you haven’t reviewed your account takeover protection protocols in a while, now is the time. Account takeover (ATO) protection is not a single countermeasure, but rather a whole set of cybersecurity measures.

SaaS Security Best Practices for Modern Organizations

Most modern organizations run on SaaS applications, and many use them to store sensitive data. The global SaaS market reached a total value of $206 billion in 2023, and is expected to climb to $247 billion by the end of 2024. Organizations must employ a complex system of practices to keep their SaaS apps secure and their data safe. Because SaaS apps are delivered through the cloud, they must be managed and secured differently than other types of software.

CMMC 2.0: A New Era of Cybersecurity for the Defense Industrial Base

The Cybersecurity Maturity Model Certification (CMMC) framework is undergoing a significant transformation with the introduction of CMMC 2.0. This revamped approach aims to streamline compliance, reduce costs, and enhance the overall security posture of the defense industrial base (DIB). CMMC is a framework developed by the U.S. Department of Defense (DoD) to assess and certify the cybersecurity posture of its contractors and subcontractors.

The Final Shell: Introducing ShellSweepX

Over the last year, we have continued to witness web shells breaching organizations worldwide, affecting both edge devices and on-premise web applications. Web shells consistently evade standard controls, posing a persistent threat. Today, the Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.

Splunk SOAR Has Attained FedRAMP Moderate Authorization

Splunk is proud to announce that Splunk SOAR has received Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization at the Moderate impact level. Splunk SOAR is ready to help public sector teams work smarter by automating repetitive tasks, responding to security incidents in seconds, and increasing analyst productivity and accuracy to better protect their organizations and the missions they serve.

Random but Memorable - Episode 13.4: Creating Cybersecurity Program Pie with Alan Watkins

Why should we stop using work laptops for personal use? Is your car sneakily selling your driving data? We answer all that and more in Watchtower Weekly. We also invite special guest, Alan Watkins, to the show to walk through his book: Creating a Small Business Cybersecurity Program. Tune in, as Alan serves up a non-technical guide for small business owners to get started with security and putting privacy at the heart of their business.

Major Scam Operation Uses Deepfake Videos

Researchers at Palo Alto Networks’ Unit 42 are tracking dozens of scam campaigns that are using deepfake videos to impersonate CEOs, news anchors, and high-profile government officials. Unit 42 believes a single threat actor is behind the scheme. The researchers discovered hundreds of domains used to spread these campaigns, each of which has been visited an average of 114,000 times. The goal of the operation is to spread investment scams and fake government-sponsored giveaways.

Securing Infrastructure in Healthcare: Reducing Breaches and Building Resiliency

Telehealth and remote patient monitoring solutions enable healthcare providers to deliver care beyond traditional clinical settings. However, developing and deploying these digital healthcare solutions involves navigating complex challenges, particularly regarding data privacy and regulatory compliance. Ensuring adherence to HIPAA regulations while securely managing remote infrastructure adds layers of complexity for healthcare IT, security, and engineering teams.