The cybersecurity landscape is complex enough without the lack of a common vocabulary. But, often, organizations use common security terms incorrectly or interchangeably. This leads to confusion, which leads to frustration, which can lead to something much, much worse. Something like a breach. Let’s take a moment, then, to review the four most commonly mixed-up and misused security terms in the cybersecurity world.

Every compliance audit will ask you to secure SSH, and every time a scanner checks the configuration or CSPM of your cloud account you’ll be warned for it. For example, if you don’t secure SSH on EC2, you’ll certainly get a critical alert stating that one of your Security Groups has its SSH port (22) open to the world. When this happens, you may think: Have I been pwned?

Trustwave has recreated new Managed Detection and Response (MDR) services to deliver unmatched capabilities tailored to fit an organization regardless of size or budget. While larger organizations may have the resources for heavy security investments, small and medium enterprises (SME) often struggle to keep up with this punishing pace and finding enough qualified security personnel can be even more challenging with the ongoing skills shortage.

The theme of RSA Conference 2022 succinctly captures the aftermath of the disruption we’ve all experienced over the last couple of years: Transform. Customers continue to transform and accelerate digital initiatives in response to the massive economic and technological shifts driven by the COVID-19 pandemic.

Today marks an exciting moment in time for our customers and partners. Today, Forescout announced its intent to acquire Cysiv, a company with deep expertise in data-powered threat detection and response.

In this post, we show how enriching Zeek® logs with cloud and container context makes it much faster to tie interesting activity to the container or cloud asset involved.In cloud or container environments, layer 3 networking is abstracted away from the higher-level tasks of running workloads or presenting data. Because of this abstraction, when Zeek logs are collected for cloud or container network environments, the attribution of a network flow to actual workload or application is difficult.

CrowdStrike recently announced the addition of Falcon Identity Threat Protection and Falcon Identity Threat Detection to its GovCloud-1 environment, making both available to U.S. public sector organizations that require Federal Risk and Authorization Management Program (FedRAMP) Moderate or Impact Level 4 (IL-4) authorization. This includes U.S. federal agencies, U.S. state and local governments and the Defense Industrial Base (DIB).