This post is part of a blog series highlighting how we embrace the solutions and features of the Elastic Stack to support our business and drive customer success. The Elastic InfoSec Security Engineering team is responsible for deploying and managing InfoSec's infrastructure and tools. At Elastic, speed, scale, and relevance is our DNA and leveraging the power of the Elastic Stack is the heart of InfoSec.
How is your website showing your customers that you care? You are selling a great product and making some good money, but what are you doing in return to assure your customers that all their payment and private data is protected? If you haven't thought about that before, now is the time because a significant data breach could mean the end of your company.
Several factors in recent years have increased endpoint vulnerability — from organizations’ need to make access to data more fluid, to threats targeting mobile device access and networks, to the growing work-from-home and work-on-the-go trends. Endpoints connected to a network — including remote devices, IoT devices, workstations, tablets, laptops and servers — create attack paths for security threats.
The global pandemic has fueled a rapid digital transformation — and led to permanent shifts in cybersecurity. In a recent joint webinar with Bryan McAninch, senior solutions engineer at Splunk, and guest speaker Chris Kissel from IDC, "Sp(e)lunking Security with MITRE ATT&CK® featuring IDC Research," they shared seven overarching trends in cybersecurity for 2021. One notable, but foundational, trend mentioned was the need to understand risk.
The job of IT admins and IT security analysts are, without a doubt, some of the most important jobs in any company. When things are running smoothly, it is easy for everyone to forget they exist. However, the moment things go askew, everyone points fingers at them. IT security professionals are expected to know everything. Most of them are self-taught and have learned on-the-job. Over time, experience has turned them into battle-hardened soldiers.
This tutorial focuses on how to write a promise module, implementing a new CFEngine promise type. It assumes you already know how to install promise modules and use custom promise types, as shown in the previous blog post.
We recently underwent a System and Organization Controls SOC 2 Type 1 examination resulting in a CPA’s report stating that Mattermost has developed effective controls over the security, availability, and confidentiality of the Mattermost Cloud platform.
When approached by stakeholders in their organization, few security teams can confidently demonstrate that logging and alerting capabilities are working as expected. Organizations have become more distributed and reliant on cloud offerings for use cases such as identity and access management, user productivity, and file storage. Meanwhile, adversaries have extended their operational capabilities in cloud environments.
