Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Security operations: Cloud monitoring and detection with Elastic Security

As many organizations have migrated their infrastructure, applications, and data to cloud offerings, adversaries have extended their operational capabilities in cloud environments to achieve their mission — whether that means stealing intellectual property, disrupting business operations, or holding an organization’s data for ransom.

Introduction to Windows tokens for security practitioners

This blog series is aimed at giving defense practitioners a thorough understanding of Windows access tokens for the purposes of detection engineering. Here in Part 1, we'll cover key concepts in Windows Security. The desired outcome is to help defenders understand how access tokens work in Windows environments.

Introducing a New Splunk Add-On for OT Security

The lines Between IT and OT are blurring. With IT and Operational Technology (OT) systems converging, ensuring the security of devices, applications, physical locations and networks has never been more difficult or more important. There is a growing recognition by security professionals that they have a readiness and visibility problem in plain sight.

How to check the effectiveness of phishing

You can install the latest generation of security software to protect against evil hackers, but what is the use of it if your employees continue to follow phishing links? Several security companies conduct social and technical research of real-life phishing attacks aimed at different businesses and are impressed with the scale of the problem.

User and Entity Behavior Analytics (UEBA) explained

User and Entity Behavior Analytics (UEBA) is an area of cybersecurity that focuses on analyzing activity – specifically user behavior, device usage, and security events ­– within your network environment to help companies detect potential insider threats and compromised accounts. While the concept has been around for some time, it was first defined in detail by Gartner in 2015 in its Market Guide for User and Entity Analytics.

Zero Trust Network Access (ZTNA) explained

This blog was written by a third party author In today’s ever-changing cybersecurity landscape, Zero Trust is here to stay. Before the concept of Zero Trust was well known, organizations followed the belief that anything within the network is trusted, and anything outside of it is untrusted. Zero trust is built on the idea that all traffic, whether incoming or outgoing, should be inspected, regardless of the source.

Webinar | Best Practices for SSH + Auditing w/ Panther | Gravitational | Gus Luxton | Jack Naglieri

In this webinar, Ev hosts a conversation with Gus Luxton, Gravitational DevOps Engineer, and Jack Naglieri, CEO of Panther Labs, about SSH, why certificate authorities are a must have, how to audit that activity, and what to do with those audit logs once you have them. Both Gus and Jack demo the open source platforms that they are working on Teleport, and Panther.

Tracking COVID-19's Effect on Remote Working by Industry and Geography

The COVID-19 pandemic caused an abrupt and dramatic shift to remote work that has lasted five months so far and is expected to continue into 2021 as companies like Google have extended their work from home policies through July 2021. In this blog, we examine how geography and industry effect who works remotely during the COVID-19 pandemic.