Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Automated Threat Hunting: A Closer Look

Proactively finding and eliminating advanced threats through threat hunting is a growing necessity for many organizations, yet few have enough resources or skilled employees to do it effectively. For those who do have an active threat hunting program, the process is often manual and time consuming. With cloud security automation, however, you can implement rules that automatically adjust your security policies based on the latest threat data.

What Are The Different Types of Authentication?

The goal of authentication is to confirm that the person attempting to access a resource is actually who they say they are. As you can imagine, there are many different ways to handle authentication, and some of the most popular methods include multi-factor authentication (MFA) and Single Sign On (SSO). However, these methods just skim the surface of the underlying technical complications. In order to implement an authentication method, a business must first establish an authentication protocol.

Measuring RPKI ROV adoption with NetFlow

Resource Public Key Infrastructure (RPKI) is a routing security framework that provides a mechanism for validating the correct originating autonomous system (AS) and prefix length of a BGP route. Route Origin Authorization (ROA) is a cryptographically signed object within the RPKI that asserts the correct originating AS and prefix length of a BGP route. For as long as the internet has existed, the challenge of securing its underlying protocols has persisted.

Why Is Normalizing Log Data in a Centralized Logging Setup Important: Operations & Security

The phone rings. Your email pings. Your marketing team just told you about a flood of messages on social media and through live chat that there’s a service outage. You thought your Monday morning would be calm and relaxed since people are just returning from the weekend. How do you start researching all of these incoming tickets? How do you know which ones to handle first? Is this just a hardware failure, or are you about to embark on a security incident investigation like Log4j?

The Anatomy of a Cybercrime: Dissecting a Phishing Attack

Our previous blog provided an outline of the current phishing trends and potential consequences of not being aware of them. This article, however, takes a deep dive into a particularly dangerous type of attack. There is a large amount of phishing that is targeting webmail users on non-free mail domains in an attempt to syphon out their credentials for later use.

How Network Monitoring Defuses Hacker Bombs

You know by now that hackers literally never sleep. Chances are your network has been hit before and absolutely will be hit again. Hackers invent new techniques every day and tweak existing ones, many of which are automated—which is why we can say that hackers literally never sleep. Hackers either attack your network directly or attack your infrastructure through your network. Either way, the network itself is your first line of defense.

Two-factor authentication in Pandora FMS

I have been a regular user of Pandora FMS for years and the best I can say about them is that they always have something new to add to my learning. Today, for example, I rediscovered the Two-Factor authentication in Pandora FMS! And I did it, in part, through this article already published on their blog. Although I devote myself to programming (and it is what I like to do the most), I am more of a Web 2.0 person than a Web 3.0 person because I consider that the latter has been abused too much.