Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Announcing Gravity 7.0

Today, we are excited to announce the release of Gravity 7.0! Gravity is a tool for developers to package multiple Kubernetes applications into an easily distributable .tar file called a “cluster image”. A cluster image contains everything an application needs and it can be used for quickly creating Kubernetes clusters pre-loaded with applications from scratch or loading applications contained within an image into an existing Kubernetes cluster like OpenShift or GKE.

Best Practices for Compliance Monitoring in Cybersecurity

Regulatory compliance monitoring is a key component of any cybersecurity program. But it's becoming increasingly difficult to ensure you are meeting your regulatory requirements. Driven by an increasing web of complex extraterritorial laws, industry-specific regulations, and general data protection laws. This is not a valid excuse for non-compliance. Regulators and lawmakers will impose significant fines on organizations that aren't able to align their cybersecurity and compliance programs.

What is ISO 27701?

If you have a familiarity with any information security frameworks and certifications, it’s more than likely you have heard of International Organisation for Standardisation (ISO) and possibly the International Electrotechnical Commission (IEC). From my experience, the most commonly referred to business-level security related certifications are ISO/IEC 27001 and ISO/IEC 27002.

User Identity Mapping In a Hybrid Environment, Part 2: ID Mapping Across Appliances

Photo by nik radzi on Unsplash In the previous article, we discussed the significance of identity mapping for authorization and its importance within the Egnyte Platform. In this article, we will describe a mechanism that will make it possible to implement uniform ID-mappings across multiple appliances.

Elastic SIEM for home and small business: SIEM overview

Hello, security enthusiasts! This is part seven (can you believe it?) of the Elastic SIEM for home and small business blog series. If you haven’t read the first six blogs in the series, you may want to before going any further. In the prerequisite blogs we created our Elasticsearch Service deployment (part 1), secured access to our cluster by restricting privileges for users and Beats (part 2), then we created an ingest pipeline for GeoIP data and reviewed our Beats configurations (part 3).

What is a Smurf Attack?

A smurf attack is a type of DDos attack that aims to create high traffic on your network and harm your organization. Read more to learn how you can avoid such attacks. What is a smurf attack? A smurf attack is a type of DDoS attack that consumes the essential resources of your network through the utilization of ICMP Echo mechanism. In other words, an attacker tries to flood a server with ICMP packets in order to render it inaccessible.

ManageEngine recognized for unified endpoint management at RSA Conference 2020

In 2019, Cyber Defense Magazine named ManageEngine a Next Gen vendor in Unified Endpoint Management at IP EXPO in London, and then again at RSA Conference 2020 in San Francisco. Cyber Defense Magazine recognized ManageEngine in its 2020 InfoSec Awards for the features, capabilities, and value it delivers, along with its market presence.

What are Security Ratings?

Security ratings or cybersecurity ratings are a data-driven, objective, and dynamic measurement of an organization's security posture. They are created by a trusted, independent security rating platform making them valuable as an objective indicator of an organization's cybersecurity performance. Just as credit ratings and FICO scores aim to provide a quantitative measure of credit risk, security ratings aim to provide a quantitative measure of cyber risk.

What is Data Classification?

Data classification is the process of organizing structured and unstructured data into categories, so it can be used and secured more efficiently. It makes data easier to locate and retrieve while facilitating better risk management, legal discovery, and regulatory compliance. Data classification involves labeling sensitive data and personal information to make it searchable and trackable.

How to Communicate Risk: Profiles, Dashboards and Responsibilities

The risk of a data breach with significant financial consequences and damage to brand equity is the fear of most large publicly traded companies. But many smaller businesses wrongly assume they are too small to be on the radar of the threat actors. The truth is that it is all about the data, and small businesses often have less well-guarded and well-defined structures for their data stores.