In the last 90 days, the news of cyberattacks on critical infrastructure has been stunning. From the unprecedented breach represented by Sunburst to the more recent bone-chilling attack at the Oldsmar water facility, the urgency to secure critical infrastructure in transportation, utilities, energy, water, critical manufacturing, telecommunications, healthcare, government facilities and the defense sector has never been higher.

At Sumo Logic, our belief is that security operations is no longer a human scale problem. We need tools and technologies to aid our defenders and responders to be able to process, investigate and respond at machine speed. Our vision for modernizing security operations to deal with threats at machine scale has always encompassed more than just SIEM.

CIS (Center for Internet Security) is a non-profit organization that aims to develop a best practice in relation to cyber security. The CIS benchmarks have been adopted by many organizations as the standard against which to measure their systems.

Learn how to prevent security issues and optimize containerized applications by applying a quick set of Dockerfile best practices in your image builds. If you are familiar with containerized applications and microservices, you might have realized that your services might be micro; but detecting vulnerabilities, investigating security issues, and reporting and fixing them after the deployment is making your management overhead macro.

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

When the Domain Name System (DNS) was created in 1983 I imagine its creator Paul Mockapetris and his team had no idea that nearly 40 years later our interconnected world would be so reliant on the very simple, but critical, DNS network service. I have a love-hate relationship with DNS. I love all of the memes I see about how “It’s always DNS”, but I hate that it’s also true—I always forget to check that DNS is working correctly when troubleshooting network issues!

Recently, Leon kicked this sharing process off sharing what he has seen in the support queue. I read it, applaud it, and have more tips to share. As Leon mentioned, and you may have seen the banner on THWACK and other notifications regarding this, the digital signing certificate is being revoked on March 8, 2021. This means if you haven’t upgraded to get the new certificate before then, you’re probably going to run into issues running your Orion module(s) installation.

Microsoft Azure provides a suite of cloud computing services that allow organizations across every industry to deploy, manage, and monitor full-scale web applications. As you expand your Azure-based applications, securing the full scope of your cloud resources becomes an increasingly complex task. Azure platform logs record the who, what, when, and where of all user-performed and service account activity within your Azure environment.