If you’ve been following Elasticsearch-related news over the past few months, you’ve most likely heard about a series of cases in which sensitive data stored in Elasticsearch clusters was exposed. Here’s a recap just in case — Equifax, CITI, AIESEC to name just a few.

Tigera is excited to announce several new capabilities with Tigera Secure Enterprise Edition 2.3, extending the ability to uncover sophisticated Kubernetes attacks. Tigera Anomaly Detection capabilities provide insight into unusual behaviors that compromise the security and performance of Kubernetes environments.

Another HIMSS show is in the books and the impact this year was tremendous, especially in terms of discussions and announcements. Presentation topics varied from artificial intelligence to supply chain management to telemedicine and beyond, but interoperability and cybersecurity were either main themes or cropped up in discussions throughout the event.

What gets measured gets managed. You probably intuitively sense the truth in that statement, but are you practicing it? Specifically, are you measuring your security operations center’s (SOC) performance? Measuring the IT security team’s performance has always been subjective. With more and more security techniques emerging in the last decade, your organization may have come up with different metrics to measure the performance of its SOC.

FaaS services such as AWS Lambda take care of many security aspects - networking, firewall, OS updates, etc. Make no mistake, though: application-level security is still fully on our hands! Do we have all the information needed to secure our serverless apps? Enters critical logging!

Suricata is an open source threat detection system. Initially released by the Open Information Security Foundation (OISF) in 2010, Suricata can act both as an intrusion detection system (IDS), and intrusion prevention system (IPS), or be used for network security monitoring.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we’ll talk about why incorporating AI into your UEM strategy may be inevitable.

Mattermost 5.8 is full of new features that will help your team get more done in less time.

One of the great things about Kubernetes is that it completely separates authentication and authorization. Authentication (Authn) meaning the act of identifying who the user is and authorization (Authz) meaning the act of working out if they’re allowed to perform some action. This can be thought of in terms of a Passport and a Visa.

As part of our continuing security program here at BugSplat, we’re switching to an authentication service called Auth0 for all of our account logins. Auth0 is a universal authentication and authorization platform that supports customer-requested features like federated logins, which means authenticating with a different provider, and Multi-Factor Authentication (MFA) which is a two-step login protocol requiring separate verification from a mobile device to access your account.