Microlesson: How are Insights Created?
Learn how Sumo Logic's Cloud SIEM Enterprise clusters log data into actionable security Insights.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Security
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Splunk SOAR Playbooks: Azure New User Census
Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.
AppDynamics with Cisco Secure Application Demo
See how you can protect your business-critical applications with Cisco Secure Application. Built in collaboration with Cisco Security, Secure Application simplifies vulnerability management, blocks attacks in real-time, and creates a shared context for App and Security teams. Maximize uptime and performance while minimizing risk with Secure Application.
Run confidently with secure DevOps
The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.
Taking Automation Beyond the SOC With Advanced Network Access Control
Security orchestration, automation and response (SOAR) tools are most commonly known for automating manual security operations processes in order to expedite security investigations or cyber response. For instance, Splunk’s SOAR technology, Splunk Phantom, is most commonly used to automate alert triage, phishing investigation and response, threat hunting and vulnerability management.
Web Access Control Redefined
One of the focuses of version 2.9 of Icinga Web 2 will be on access control. For years on now, Icinga Web 2 had a very simple role based access control (RBAC) implementation. This suited most of our users fine. However, there were still some requests to enhance this further. The next major update of Icinga Web 2 (Version 2.9) and Icinga DB Web will allow users to configure exactly this.
What's the Most Powerful Tool in Your Security Arsenal?
Trying to work out the best security tool is a little like trying to choose a golf club three shots ahead – you don’t know what will help you get to the green until you’re in the rough. Traditionally, when people think about security tools, firewalls, IAM and permissions, encryption, and certificates come to mind. These tools all have one thing in common – they’re static.
How Calico Cloud's runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554
Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable. Despite this, there is currently no patch for the issue.
Secure Your IT Assets for an Optimal Return
We’ve officially entered everyone’s favorite time of year—tax season. You can find me rifling through the stack of mail and records I’ve been hoarding over the past year, while my husband calmly reviews his neatly archived digital documents. Completing your tax return forces you to review all your fiscal actions from the past year, which can be made easier with secure digital tracking, tagging, and maintenance along the way.
How Does Ivanti Approach Zero Trust Security?
Are you curious about how Ivanti is tackling Zero Trust? Check out this video clip below and hear from Scott Erickson, Lead Technical Marketing Engineer at Ivanti, to learn more and then visit the Zero Trust Access page for even more resources.