Our suite of operations products has come a long way since the acquisition of Stackdriver back in 2014. The suite has constantly evolved with significant new capabilities since then, and today we reach another important milestone with complete integration into the Google Cloud Console. We’re now saying goodbye to the Stackdriver brand, and announcing an operations suite of products, which includes Cloud Logging, Cloud Monitoring, Cloud Trace, Cloud Debugger, and Cloud Profiler.

As antivirus and machine learning-based malware detection have increased their effectiveness in detecting file-based attacks, adversaries have migrated to “living off the land” techniques to bypass modern security software. This involves executing system tools preinstalled with the operating system or commonly brought in by administrators to perform tasks like automating IT administrative tasks, running scripts on a regular basis, executing code on remote systems, and much more.

In the first part of this blog article, I introduced key concepts surrounding data ingestion for the industrial Internet of Things, the role and importance of metrics and self-services capabilities for shop floor personnel. So let's see how this looks in practice and how the knowledge of a process or control engineer can be turned into action.

In advance of the RSA Conference 2020, we wanted to get a pulse of attendees’ perceptions on a few topics, specifically challenges facing modern SOCs (security operations centers) and the value they are getting from technologies such as analytics, automation, and their SIEM tools. To get this, we fielded a series of questions to the Twitter-verse and received nearly 17,000 votes! After going through the results, we found a few interesting things…

Splunk adds and updates features and functions to Splunk Enterprise regularly to keep pace with innovation and reduce risk. In fact, Splunk releases these updates on the Splunk Cloud platform continually. For on-prem customers, Splunk releases two levels of software updates to Splunk Enterprise. On-prem customers benefit from the continual updates to the Cloud platform because features, functions, and updates are thoroughly road-tested and hardened when they are released in a major version update.

The other day I found myself trying to tune a Ruby on Rails app I had written as a side project. (The app lets me keep track of my favorite eateries and pubs. It’s searchable, includes multiple images, and has stored locations.) On past projects, I relied on SolarWinds® Papertrail™, path testing, a lot of trial and error, and a general feel to try to improve performance. This time I thought I would give SolarWinds AppOptics™ Dev Edition a try.

As the team responsible for building dormakaba’s first cloud-access control solution, Exivo, the Cloud Development team at dormakaba AS EMEA needed a logging solution that with scalable logging throughout their global environment, handle a huge amount of throughput, be piped through an API, and remain highly secure so it could be implemented on the doors and entry systems the company produces. Logz.io was the perfect fit for these requirements.

The tongue-in-cheek named malware detection tool, Yet Another Recursive Acronym (YARA) is described as “the pattern-matching Swiss Army knife for malware researchers (and everyone else)”. The Sumo Logic Cloud SIEM Enterprise platform is one of the first SIEM solutions to incorporate it as a built-in feature. This gives blue teamers an additional layer of detection built into the SIEM.

Log management plays an important role in helping to debug Kubernetes clusters, improve their efficiency, and monitor them for any suspicious activity. Kubernetes is an open-source cluster management software designed for the deployment, scaling, and operations of containerized applications.

Several months ago, Bryan Boreham introduced a few changes to Cortex that massively reduced its storage requirements. The changes were quite simple and altogether had a nice benefit of using almost 3x less data storage than prior versions. Since Loki shares a lot of code with Cortex, could we use these ideas to the same effect? (Spoiler alert: Yes, we can!)