In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we uncovered the dangers of running Elasticsearch with X-Pack disabled, highlighting the ease with which attackers can exploit unauthenticated endpoints. Now, in Part 2, we will explore the other security features of X-Pack beyond authentication.
Data protection is a top priority for healthcare organizations, with patient trust and regulatory compliance hinging on securing sensitive information such as Protected Health Information (PHI). Traditional access control and Data Loss Prevention (DLP) solutions focus on restricting access and preventing unauthorized file transfers but do not provide visibility into how, where, and through which communication channels sensitive data is shared.
Trustwave has created a technology partnership with Devo, a unified Security Information and Event Management (SIEM) provider, to offer a next-generation Managed Extended Detection and Response (MXDR) solution called Trustwave MXDR with Co-Managed SOC for Devo. This collaboration will enable organizations to leverage a powerful SIEM platform without the complexities and costs associated with owning and managing the technology.
As the gold standard for reliably storing files of varying types in the cloud, Amazon’s S3 has become synonymous with storage. While this widespread adoption is a sign of a good developer experience and reliable storage across the board, it also presents a unique opportunity for attackers looking to exploit multiple targets.
IBM's Institute for Business Value has released a report on the benefits of cybersecurity platformization. It's an important piece of research, but is focused mainly on enterprise users. In this post, we'll discuss what the IBM report means for managed security services providers (MSSPs) and how they can take advantage of security platformization.
Not all hackers are bad. The term originally referred to tech pioneers pushing systems beyond their limits. But today, it's often confused with cybercriminals. What’s the real difference?
Wietze Beukema, Lead Security Engineer, joined Defenders to talk about Argfuscator.net, his new project for generating obfuscated command lines that bypass certain EDR detections.
The API attack surface is rapidly expanding, with 50% of known exploited vulnerabilities now API-related (CISA). Security leaders must prioritize API security, implement real-time monitoring, and foster cross-team collaboration to stay ahead of threats. Strengthen your defenses now!