Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. The 2024 Trustwave Risk Radar Report: Retail Sector will cover in detail the threats facing the industry, the most prominent adversaries in the field, and the commonly used methods to attack retailers. The main report is supported by two supplementary pieces.

CrowdStrike + Fortinet: Unifying AI-Native Endpoint and Next-Gen Firewall Protection

In today’s fast-evolving cybersecurity landscape, organizations face an increasing barrage of sophisticated threats targeting endpoints, networks and every layer in between. CrowdStrike and Fortinet have formed a powerful partnership to deliver industry-leading protection from endpoint to firewall.

Falcon Foundry: Build Custom Apps to Solve Tough Security Challenges

Not all security operation centers (SOCs) are equal. They have teams of different sizes, with varying skill levels, protecting a wide range of industries around the world. However, they have a few things in common — for one, they face many of the same threats, and many SOC teams struggle with the complexity of managing several disparate tools to detect and disrupt them. As the cybersecurity industry matures, SOC teams have more options to consolidate the security tools they use.

The Past, Present, and Future of File Integrity Monitoring

Also known as change monitoring, File Integrity Monitoring (FIM) solutions monitor and detect file changes that could indicate a cyberattack. They determine if and when files change, who changed them, and what can be done to restore files if those changes are unauthorized. As such, FIM solutions are useful for detecting malware and achieving compliance with regulations like PCI DSS and are a crucial part of any enterprise security stack.

A trainer's take: "Training alone won't change behaviours"

I've spent over 35 years as a trainer in various capacities, so it might surprise you to hear me say that training alone isn't enough to change behaviours—particularly when it comes to security. This isn't just my opinion; it's a conclusion from our State of Human Risk Management in 2024 Report. To understand why training isn't the full solution, we need to delve into the field of human error. Mistakes—errors caused by wrongly applied knowledge—can often be corrected with training.

What is UPnP? And Why is it Still a Security Risk?

In this video, learn what UPnP is, what it does, use cases, why it's a security risk, and security measures you can take. Learn more about: Resources and social media: Transcript: Universal Plug and Play, or UPnP, is a way for all devices on a local network to discover and connect with each other automatically, rather than having to connect each device by manually entering protocols like TCP/IP, HTTP, or DHCP.

Governing the Future: Federal Cybersecurity in the Age of Edge and AI

Intel's CTO on Navigating Cybersecurity, AI, and the Edge Governing the Future: Federal Cybersecurity in the Age of Edge and AI In this episode of the "Trusted Tech for Critical Missions" podcast, host Ben Arent interviews Steve Orrin, Chief Technology Officer at Intel Federal, about the evolving landscape of federal cybersecurity in the age of edge computing and artificial intelligence. Key Takeaways.

From SIEM to Detection as Code

Cloud-Native SIEM: Scaling Security for the Modern Era Key Takeaways: Detection-as-code offers improved governance, collaboration, and scalability Start with a clear understanding of critical threats to your organization Balance comprehensive monitoring with intentional, focused alerts Consider cloud-native SIEM solutions for cost-effectiveness and scalability Regularly review and update security playbooks and runbooks.

Monitor your Windows event logs with Datadog Cloud SIEM

Windows event logs are a key source of important information about your Windows environments, including detailed records of user activities, system performance, and potential security issues. However, with the sheer volume of logs modern environments generate, it can be overwhelming for security teams to efficiently detect, triage, and respond to threats in real time.