The demand for cloud computing has skyrocketed in recent years. Lower costs, a faster time to market, increased employee productivity, scalability, and flexibility are some of the beneficial factors motivating organizations to move to the cloud. It’s not likely that organizations will slow down with their migration plans, either.
Working remotely has its own personal challenges in terms of productivity: between the cat walking across your keyboard and the kids dropping in on your Zoom meetings, workers across the globe have had to adjust to doing their job in a different way. Organisations also had to swiftly transition to employees working remotely, and this has introduced a new set of risks from a cyber security perspective.
In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news items affecting F5 BIGIP and Pan-OS. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.
Picture your workspace at the office from ten, five, or even two years ago—what has changed? Your computer likely occupies less space than it did in the past. Your office phone, which was once wired to the corner of your desk, now sits comfortably in your pocket. And you are probably working at home exclusively, or at least most of the time.
Compliance frameworks provide guidelines for effective and secure operations for content management across a company’s various repositories. They’re written as a set of controls, each one which corresponds to different settings and policies that an organization must follow in order to ensure the safety of their data.
Honeypot might remind you of Mata Hari style spies, shocking plot twists and intriguing schemes but in the cybersecurity context, it has a whole different meaning. Keep reading to learn what it is!
It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.