Establishing a startup isn’t easy; founders often spend a good majority of their time mapping out finances, operations, raw materials, product development, solid marketing and sales procedures, as well as hiring skilled employees during their initial years. Besides this, they also worry about keeping up with competitors and delivering quality services or products.

Threat hunting is proactively identifying and thwarting unusual network activity that could indicate an attempted security breach. It's a historically manual activity, making it time-intensive and arduous. It’s no wonder, then, why most organizations don’t have the time, budget, or resources to undertake it effectively…if at all.

A lot of firms collect massive amounts of data every day (up to billions of events) to improve their security efforts, enhance their business intelligence, and refine their marketing strategies. Their log storage drives are so big that some of them even brag about the size, to show their public and clients how advanced their technologies are.

Distributed denial of service (DDoS) is one of the most insidious types of digital attacks that can cause cloud outages. It is typically directed at a specific target, and if done competently, can bring an application or even all network traffic to its knees.

I regularly speak with managed service providers (MSPs) and one of the biggest challenges I hear them share is selling the concept of managed services to prospects. Many small and medium-sized businesses have yet to move past the concept of break-fix—only paying an IT company to fix things when they break. They don’t fully appreciate the value of the proactive approach that is managed services.

As discussed in our previous post, we recently had the opportunity to present some interesting challenges and proposed directions for data science and machine learning (ML) at the 2018 Scale By the Bay conference. While the excellent talks and panels at the conference were too numerous to cover here, I wanted to briefly summarize three talks in particular that I found to represent some really interesting (to me) directions for ML on the java virtual machine (JVM).

Studies have shown a direct correlation between data breaches and non-compliance. This isn’t to say that compliant companies never get breached, but to reinforce the importance of incident detection and response. Businesses have begun to realize the devastating consequences of data breaches—their finances and reputation are at stake, so many have been taking steps over the last few years to comply with the PCI DSS. The main goal is often an emphasis on achieving continuous compliance.

Properly utilizing and thoroughly analyzing your event logs is one of the cornerstones of IT security. Today, cybersecurity is more important than ever and is an entire growing industry all in itself, with the global cybersecurity market estimated to reach almost $250 billion value by 2023.

A recently disclosed vulnerability in Kubernetes dashboard (CVE-2018-18264) exposes secrets to unauthenticated users. In this blog post we’ll explore some key takeaways regarding monitoring privilege escalation on Kubernetes.