Today, AWS announced the general availability of Amazon ECS Exec, a powerful feature to allow developers to run commands inside their ECS containers. Amazon Elastic Container Service (ECS) is a fully managed container orchestration service by Amazon Web Services. ECS allows you to organize and operate container resources on the AWS cloud, and allows you to mix Amazon EC2 and AWS Fargate workloads for high scalability.

Five worthy reads is a regular column on five noteworthy items we discovered while researching trending and timeless topics. In this week’s edition, let’s explore how quantum computing works and how it impacts cybersecurity.

I thought my last blog, Visual Link Analysis with Splunk: Part 3 - Tying Up Loose Ends, about fraud detection using link analysis would be the end of this topic for now. Surprise, this is part 4 of visual link analysis. Previously (for those who need a refresher) I wanted to use Splunk Cloud to show me all the links in my data in my really big data set. I wanted to see all the fraud rings that I didn’t know about. I was happy with my success in using link analysis for fraud detection.

We’ve all become more conscious of the risk of online scammers and hackers, especially since we put more and more of our personal information into websites and apps on a daily basis. We’ve become more knowledgeable on the likes of data protection through EU regulations like GDPR and learned about how we “drop” cookies as we surf the web.

A huge portion of today’s corporate network is made up of mobile endpoints, such as laptops, tablet computers, and mobile phones. These are domain-joined and non-domain devices that require access to corporate assets to carry out everyday operations.

The Logz.io Cloud SIEM team is excited to announce a new free trial! You’ll be able to ship 1 GB of security events per day for 21 days. Cloud SIEM makes it easy to centralize, prioritize, and investigate security events, so you can respond to threats faster than ever. Check out this short demo video to see how it works. Sound interesting? Check out the instructions for our 21 day free trial below!

I was really stoked to deliver a session at Microsoft Ignite with my long-time friend and fellow Head Geek™, Tom LaRock, on the topic of migrating an on-premises SQL Server database to the Azure cloud. You can watch the session on demand here. In addition, Microsoft MVP and SQL Server expert David Klee provides an excellent recap on each of the major elements Tom and I discussed.

The Elastic Common Schema (ECS) provides an open, consistent model for structuring your data in the Elastic Stack. By normalizing data to a single common model, you can uniformly examine your data using interactive search, visualizations, and automated analysis. Elastic provides hundreds of integrations that are ECS-compliant out of the box, but ECS also allows you to normalize custom data sources. Normalizing a custom source can be an iterative and sometimes time-intensive process.

How often do you check your event log monitor for potential security breaches? Did you know that many potential security breaches, events, and other problems are logged to event logs? Unfortunately, even the most skilled IT professionals have a hard time making sense of what to watch for that could indicate security issues or even a potential breach until it is too late. Event logs contain a ton of information that can be useful.

A ransomware attack is a bug that we can’t shake off. Or perhaps, it can even be called a shape-shifter that somehow finds a way into networks, no matter how many armed sentries you’ve deployed in and around your perimeter. The line between ransomware and a data breach is slowly fading. Threat actors prefer ransomware over other modes of attack because they work.