Software development pipelines typically cycle through key four processes—design, development, testing and software or update releases. Traditional pipelines perform quality and security tests only after completing the development phase. Since there is no such thing as a perfect code, there are always issues to fix. However, if significant architectural changes are needed, fixing them at the end of the process can be highly expensive.

With more people working from home, the threat landscape continues to change. Things change daily, and cybersecurity staff needs to change with them to protect information. Threat hunting techniques for an evolving landscape need to tie risk together with log data. Within your environment, there are a few things that you can do to prepare for effective threat hunting. Although none of these is a silver bullet, they can get you better prepared to investigate an alert.

The Splunk Threat Research Team recently developed an analytic story to help security operations center (SOC) analysts detect adversaries attempting to escalate their privileges and gain elevated access to Amazon Web Services (AWS) resources. In this blog, we’ll walk you through an AWS privilege escalation analytic story, demonstrate how we simulated these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and highlight a few detections from the March 2021 releases.

For our first specialist interview on the Logit.io blog, we’ve welcomed Scott Steinburg to share his thoughts on the current state of cybersecurity as well as the reasons behind writing his new book Cybersecurity: The Expert Guide. Scott is the creator of the popular Business Expert’s Guidebook series, host of video show Business Expert: Small Business Hints, Tips and Advice and CEO of high-tech consulting firm TechSavvy Global.

In a SOC (security operations center), alerts originating from hundreds of systems compete to get attention. What ensues is a security analyst’s battle to beat alert fatigue while effectively defending their organization from cybersecurity threats. Alert fatigue is a major challenge faced by security operations center (SOC) teams. The stakes are even higher since they take on the enormous responsibility of maintaining networks and data systems.

Password 1.0 was your cat’s name and your birth year and you used it across every endpoint for a decade. We see you, Sprinkles1979. Password 2.0 was SSO and MFA and WTF because literally everyone used Facebook for authentication. We all saw how well that went. It’s time for Password 3.0 We’ve always operated at the leading edge of innovation, and this is no exception. While the industry gets bogged down in sending texts to confirm authorization, we’re moving forward.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about the worst data breaches that happened recently, their impact, and the cost of data breaches for companies. The COVID-19 pandemic has not only had an impact on the mental and physical health of employees, but on the digital health of organizations around the world.

From May 2021, Google is using ‘Core Web Vitals’ as a brand new ranking signal. Google states that business owners should monitor and improve their scores to avoid damaging their organic SEO. In this blog, we will explain how to improve Core Web Vitals scores. To discover the specific issues affecting your users’ experience, we strongly advise having a Core Web Vitals audit.

If you are debugging issues with a host, it is quite common to want to make changes to CFEngine policy, and speed up the process of fetching, evaluating and reporting for that host. You can do this by running cf-runagent and cf-hub from the command line, now we’ve brought this functionality into Mission Portal.