While everyone prepares for the frights of Halloween, there’s a real evil lurking just out of sight—an imminent threat that grows stronger each passing day. And no amount of burning sage, sprinkling salt, or carrying garlic will ward off this threat. Gather around folks, for in October, not only do we celebrate Halloween, but also National Cybersecurity Awareness Month.

Lately, hackers on the lookout for vulnerable systems have kept the IT industry busy. While various OS and software vendors strive to keep their users’ data intact by providing timely updates, manually securing endpoints by applying these updates is challenging due to factors such as time, staffing, and IT budgets. To help admins out, we’ve compiled a list of some industry best practices you can implement to stay vigilant against cyberattacks and data theft.

Elasticsearch is a highly scalable, distributed, open-source RESTful search and analytics engine that offers log analytics, real-time application monitoring, click stream analytics, and more. Elasticsearch stores and retrieves data structures in real time. It has multi-tenant capabilities with an HTTP web interface, presents data in the form of structured JSON documents, makes full-text search accessible via RESTful API, and maintains web clients for languages like PHP, Ruby, .Net, and Java.

In part 5, we looked at auditing your network device logs. A decade ago, security professionals were primarily concerned about network perimeter and endpoint security. While those concerns are still valid, technological advancements have created new scenarios that need to be addressed.

2017 was supposed to be the year of the Internet of Things (IoT)—the year that this highly-touted technology matured and started producing tangible results for organizations. However, the last 12 months have left advocates of IoT frustrated. A report from Cisco claims that close to 75 percent of all IoT projects fail, and IoT as a buzzword has been replaced by the likes of artificial intelligence and blockchain. This disheartening news paints a grim picture for IoT.

Anyone trying to access resources in your network needs to interact with your network devices: firewalls, routers, switches, and IDS/IPSs. Each of these devices generate syslogs that contain important security information and must be audited to gain complete visibility into the activities occurring in your network. Most SIEM solutions, including our own Log360, can collect and analyze syslogs in real time and instantly alert security teams if any security event of interest occurs.

LONDON - Sept. 18, 2018 - ManageEngine, the real-time IT management company, today announced its launch of Browser Security Plus, a browser management solution that helps organisations secure their corporate data in the cloud and protect their networks from web-based cyberattacks. Available immediately, Browser Security Plus provides organisations with a layer of management capabilities for browsers and their add-ons to maintain robust enterprise security.

Web servers are front-end facing applications that are vital for the daily operations of businesses. They are subject to attacks such as SQL injection, malicious URL requests, and the age-old classic, denial of service (DoS) attacks. While there are specialized web application security solutions that you can (and should) deploy, auditing web server logs is just as important for ensuring your web servers are secure and always up and running.

With large enterprises increasing their focus on public cloud providers, Microsoft Azure continues to have a strong foothold in the hybrid cloud industry. Azure adoption increased a whopping 11 percent last year from 34 to 45 percent, reveals the latest survey by RightScale.

Insider threats are on the rise. In fact, both administrators and average employees are among the biggest security threats in an organization. When it comes to security auditing, there are two areas you need to focus on: Active Directory changes and individual user activity, particularly administrator activity.