The ransomware campaign against the Colonial Pipeline highlights the dangers and real-life consequences of cyberattacks. If you want to understand how to use Splunk to find activity related to the DarkSide Ransomware, we highly recommend you first read “The DarkSide of the Ransomware Pipeline” from Splunk’s Security Strategist team. In short, according to the FBI, the actors behind this campaign are part of the “DarkSide” group.

Security has always been a wide and complex topic. A recent survey from StackRox about the state of containers and Kubernetes security provides some interesting data on these topics. In this blog post, I’ll dive into some of the findings in that survey and introduce you to Kubewarden, an open source policy engine. A staggering 66 percent of the survey participants do not feel confident enough in the security measures they have in place.

The marketplace for mobile apps is a broad and highly competitive one. There are millions of apps available on Apple’s App store, Google Play, and within private enterprise app stores. Expanding market demands continue to drive the pressure to innovate. New iOS and Android updates and mobile device releases, along with myriad apps from companies vying for their customer’s attention, are creating shorter app release cycles.

I’ve been updating some of our security documentation explaining what we do to ensure our product is suitable for the security models in regulated industries, such as finance and healthcare. Talking to our security guys, I was flabbergasted to find out that there are monitoring products out there that go against what is not only an industry best practice but also the right thing to do: agents that open and listen on fixed TCP ports!

Anybody who’s looked for answers on the Internet has likely stumbled across a “TOP X LISTS”: The “10 things famous people do every day”, “Top 10 stocks to by”, the “20 books you have to read” are just some examples of the myriad of lists that are out there offering answers. You may have even stumbled upon a few “Top 10 (or 12) Events To Monitor” articles too.

If you have been following the news or trying to buy gas in Atlanta, you probably have already heard about the ransomware attack on one of the most important strategic pipelines in the US. 2020 saw ransomware attacks skyrocket and now 2021 seems to be following the trend. The current situation begs us to rethink how we think about our security practices and mindset. One area of security that you may have heard about is Zero Trust (ZT).

With the surge of endpoints and growing demands for access to data, public sector organizations have seen an increase in security threats since the onset of the pandemic. Against this backdrop, Elastic gathered industry leaders to learn how to manage these challenges and demands and build a path toward the future. The recent State and Local Government & Education ElasticON Public Sector event showcased the tech solutions that are delivering for constituents, faster.

Today I’m happy to share more about our partnership with Swimlane, which further reinforces our commitment to empowering security teams everywhere. Today’s security teams rely on the power of Elastic’s high-speed, cloud-scale analytics to solve their most complex and pressing security issues. Swimlane’s security automation platform provides a way for these same teams to accelerate and optimize their workflows for max efficiency and to solve SOAR use cases.

Properly analyzing the massive amounts of data created by network access and the associated security tools has become a very tedious chore. Today’s cybersecurity professionals are seeking ways to better deal with the massive influx of information so that they can make intelligent choices when it comes to the cybersecurity posture of their networks. Selecting the proper tools is an important task which merits investigation.