Hey, there. This is part four of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

We are now happy to release two new LTS versions of CFEngine, 3.10.7 LTS, and 3.12.3 LTS. This will be the last release of the CFEngine 3.10 LTS series. Standard Support of CFEngine 3.10 LTS ends end of this year. If you would like extended support, please contact us. From the CFEngine release schedule, we see that CFEngine 3.10 LTS is maintained and supported until December 28th, 2019.

Kubernetes 1.17 is about to be released! This short-cycle release is focused on small improvements and house cleaning. There are implementation optimizations all over the place, new features like the promising topology aware routing, and improvements to the dual-stack support. Here is the list of what’s new in Kubernetes 1.17.

As you monitor the health and performance of your infrastructure and applications, you also need to be able to identify potential threats to the security of those components. To help address this challenge, we’re pleased to announce that Datadog now integrates with AWS Identity and Access Management (IAM) Access Analyzer, a new IAM feature that helps administrators ensure that they have securely configured access to their resources.

As our application scales and many services are accessing a multitude of data points for each workload needed, it is difficult to ensure each part of the system has the right set of data access permissions. In today’s world, one of the worse nightmares of a software business is data leaking and data privacy issues. Not only it affects the brand reputation, but could also expose the company to heavy fines and other regulatory sanctions.

Holiday shopping is in full swing and cybercriminals are preparing their campaigns to maximise their profits this season. Here’s the latest news on Magecart and other website attacks, with insights from our own Security Researcher!

Last month, the Elastic Security Protections Team prevented an attempted ransomware attack targeting an organization monitored by one of our customers, an IT Managed Service Provider (MSP). We analyzed the alerts that were generated after an adversary’s process injection attempts were prevented by Elastic Endpoint Security on several endpoints. Adversaries often attempt to inject their malicious code into a running process before encrypting and holding the victim’s data to ransom.

Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.

With Black Friday weekend coming up, ecommerce sites are preparing for a huge increase in traffic. If you haven’t made any changes yet, fear not, there’s still time! We’ve compiled a Black Friday last-minute checklist so you can prepare your site for the Black Friday weekend! Monitor your uptime status.

Cyberattacks are never going away; in fact, things appear to be getting worse. The complexity of attacks has escalated, resulting in more sophisticated, targeted takedowns. Just look at the attacks in Baltimore, Atlanta, Florida, and Spain within the past few years. Organizations around the world have had their operations halted by ransomware, with some taking weeks to get back to normal.