Hey, there. This is part four of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

We are now happy to release two new LTS versions of CFEngine, 3.10.7 LTS, and 3.12.3 LTS. This will be the last release of the CFEngine 3.10 LTS series. Standard Support of CFEngine 3.10 LTS ends end of this year. If you would like extended support, please contact us. From the CFEngine release schedule, we see that CFEngine 3.10 LTS is maintained and supported until December 28th, 2019.

Kubernetes 1.17 is about to be released! This short-cycle release is focused on small improvements and house cleaning. There are implementation optimizations all over the place, new features like the promising topology aware routing, and improvements to the dual-stack support. Here is the list of what’s new in Kubernetes 1.17.

As you monitor the health and performance of your infrastructure and applications, you also need to be able to identify potential threats to the security of those components. To help address this challenge, we’re pleased to announce that Datadog now integrates with AWS Identity and Access Management (IAM) Access Analyzer, a new IAM feature that helps administrators ensure that they have securely configured access to their resources.

Holiday shopping is in full swing and cybercriminals are preparing their campaigns to maximise their profits this season. Here’s the latest news on Magecart and other website attacks, with insights from our own Security Researcher!

As our application scales and many services are accessing a multitude of data points for each workload needed, it is difficult to ensure each part of the system has the right set of data access permissions. In today’s world, one of the worse nightmares of a software business is data leaking and data privacy issues. Not only it affects the brand reputation, but could also expose the company to heavy fines and other regulatory sanctions.

Last month, the Elastic Security Protections Team prevented an attempted ransomware attack targeting an organization monitored by one of our customers, an IT Managed Service Provider (MSP). We analyzed the alerts that were generated after an adversary’s process injection attempts were prevented by Elastic Endpoint Security on several endpoints. Adversaries often attempt to inject their malicious code into a running process before encrypting and holding the victim’s data to ransom.

Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.

With Black Friday weekend coming up, ecommerce sites are preparing for a huge increase in traffic. If you haven’t made any changes yet, fear not, there’s still time! We’ve compiled a Black Friday last-minute checklist so you can prepare your site for the Black Friday weekend! Monitor your uptime status.

Back on September 4th, we filed a lawsuit against floragunn GmbH, the makers of Search Guard, a security plugin for Elasticsearch and Kibana, for a multi-year pattern of copying our proprietary code. After filing the claim, we have continued to investigate floragunn’s actions. Today, we have updated our lawsuit in two important ways. First, we have identified additional copying by floragunn with respect to the separate, proprietary code base for our Kibana product.