Are you curious about how Ivanti is tackling Zero Trust? Check out this video clip below and hear from Scott Erickson, Lead Technical Marketing Engineer at Ivanti, to learn more and then visit the Zero Trust Access page for even more resources.

Software development pipelines typically cycle through key four processes—design, development, testing and software or update releases. Traditional pipelines perform quality and security tests only after completing the development phase. Since there is no such thing as a perfect code, there are always issues to fix. However, if significant architectural changes are needed, fixing them at the end of the process can be highly expensive.

With more people working from home, the threat landscape continues to change. Things change daily, and cybersecurity staff needs to change with them to protect information. Threat hunting techniques for an evolving landscape need to tie risk together with log data. Within your environment, there are a few things that you can do to prepare for effective threat hunting. Although none of these is a silver bullet, they can get you better prepared to investigate an alert.

The Splunk Threat Research Team recently developed an analytic story to help security operations center (SOC) analysts detect adversaries attempting to escalate their privileges and gain elevated access to Amazon Web Services (AWS) resources. In this blog, we’ll walk you through an AWS privilege escalation analytic story, demonstrate how we simulated these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and highlight a few detections from the March 2021 releases.

For our first specialist interview on the Logit.io blog, we’ve welcomed Scott Steinburg to share his thoughts on the current state of cybersecurity as well as the reasons behind writing his new book Cybersecurity: The Expert Guide. Scott is the creator of the popular Business Expert’s Guidebook series, host of video show Business Expert: Small Business Hints, Tips and Advice and CEO of high-tech consulting firm TechSavvy Global.

In a SOC (security operations center), alerts originating from hundreds of systems compete to get attention. What ensues is a security analyst’s battle to beat alert fatigue while effectively defending their organization from cybersecurity threats. Alert fatigue is a major challenge faced by security operations center (SOC) teams. The stakes are even higher since they take on the enormous responsibility of maintaining networks and data systems.

Password 1.0 was your cat’s name and your birth year and you used it across every endpoint for a decade. We see you, Sprinkles1979. Password 2.0 was SSO and MFA and WTF because literally everyone used Facebook for authentication. We all saw how well that went. It’s time for Password 3.0 We’ve always operated at the leading edge of innovation, and this is no exception. While the industry gets bogged down in sending texts to confirm authorization, we’re moving forward.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about the worst data breaches that happened recently, their impact, and the cost of data breaches for companies. The COVID-19 pandemic has not only had an impact on the mental and physical health of employees, but on the digital health of organizations around the world.

In April 2020, MalwareHunterTeam found a number of suspicious files in an open directory and posted about them in a series of tweets. Trend Micro later confirmed that these files were part of the first cryptojacking malware by TeamTNT, a cybercrime group that specializes in attacking the cloud—typically using a malicious Docker image—and has proven itself to be both resourceful and creative.