Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Endpoint detection and response (EDR) systems such as SentinelOne Singularity Endpoint, CrowdStrike, and Microsoft Defender monitor IT infrastructure such as computers, mobile devices, and network devices to detect, alert on, and respond to cyber threats. These EDR systems record data about the endpoints to identify abnormal behavior, block malicious activity, and provide remediation suggestions with contextual information.

Collaboration platforms like Atlassian Jira and Atlassian Confluence contain sensitive company and employee data, making them critical targets for cyberattacks. Teams use Jira to track and manage projects, and rely on Confluence as an internal knowledgebase for documentation, company policy guides, team wikis, and more. Atlassian organizations, which provide a centralized place for admins to manage their Atlassian products and users, are also prime targets.

As cyberattacks rise in number and sophistication, many CISOs are pushing their organizations to adopt modern SIEM solutions to better monitor and investigate threats to their applications and infrastructure. Enterprises with a large Microsoft Azure or Windows-based footprint in particular are increasingly eyeing Microsoft Sentinel to consolidate their security stack and workflows.

Every day, insurance companies manage vast amounts of sensitive data, including medical records, financial information, and personal identifiers—all of which are processed and stored across various services, applications, and cloud resources. The types of sensitive data that these companies collect has become more complex and nuanced, with varying requirements for protection.

In Part 1 of our cloud security research and guide roundup, we looked at our contributions to helping you manage cloud infrastructure, data, identities, and access. In Part 2, we share our research, insights, and guides from Datadog Security Labs and The Monitor that support the NSA’s cloud mitigation strategies in the following areas: We’ll also go beyond these common strategies to look at how security plays a role in working with LLMs.

Developing in the cloud introduces unique challenges for protecting applications, resources, and data. These challenges include but are not limited to detecting legitimate threats to your environment and managing complex cloud permissions and access controls.

Google Workspace is a popular productivity suite, and its broad collection of apps (such as Gmail, Drive, Calendar, and Docs) can give attackers a central point of entry for accessing sensitive and valuable data if they compromise an account. Learning how to identify malicious activity in your Workspace environment enables you to stop threats before they become more serious. In this post, we’ll look at a few ways attackers gain access to and take advantage of Google Workspace.

A primary goal for security teams is identifying specific threats to their environment, but they often face the daunting task of reviewing vast amounts of log data and alerts. Even with well-crafted detection rules, sifting through irrelevant data to pinpoint essential details for an investigation can be a significant challenge. This not only prolongs investigation times but also increases the risk of overlooking critical information.