Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. The good thing is that cybercriminals use a methodical approach when planning an attack. By understanding their process and knowing your network, you will be better prepared and able to stay one step ahead.

Different IT organizations have different needs. The one-man shop might find the best success with open-source software, while enterprises often need something a little more. But occasionally you’ll see an enterprise using open-source or something designed for a small to medium-sized business. This can be a good thing in certain instances, though it’s not without risks. So, why might you want to use SMB or open-source gear in an enterprise setting, and when might it be a good thing?

It’s been shown that if you follow a proven collection of practices for developing, designing, testing, implementing, and maintaining your software, you will produce a much higher quality product. Over the past few years, we have seen an increasing number of cases of attacks on the application layer. The Open Web Application Security Project, OWASP, estimates that around one-third of web applications contain security vulnerabilities.

Today we are pleased to announce our partnership with Nutanix, creators of the industry’s most popular hyper-converged infrastructure (HCI) technology. HCI combines datacenter hardware using locally-attached storage resources with intelligent software to create flexible building blocks that replace legacy infrastructure consisting of separate servers, storage networks, and storage arrays.

In part one of this series on Kubernetes RBAC, we introduced authentication and authorization methods. In this article, we’ll dive a little deeper into authentication — a prerequisite for RBAC. As we saw, there are a few authentication methods including client certificates, bearer tokens, HTTP basic auth, auth proxy, and impersonation. Because HTTP basic auth and statically configured bearer tokens are considered insecure, we won’t cover them here.

HTTP, which stands for Hypertext Transfer Protocol, is a communication protocol used by your browser to connect to the web server of the site you're looking for. When HTTP data transfer between the browser and the web server is shared via unencrypted hypertext, anybody connected to your network can intercept the data you're transferring. To combat this, it's best to switch to HTTPS, the more secure extension of HTTP. You can't verify data integrity with HTTP

Compared to even just a few years ago, the tools available for data scientists and machine learning engineers today are of remarkable variety and ease of use. However, the availability and sophistication of such tools belies the ongoing challenges in implementing end-to-end data analytics use cases in the enterprise and in production.

Companies and businesses of all sizes collect and save all types of data. This data can be valuable to others if it were to be leaked outside the business. Data security management and control using the right data loss prevention (DLP) solutions are necessary to protect this and other types of data. So, what exactly is DLP? In general, DLP consists of the tools, apps, and other data loss prevention techniques businesses implement to keep their data safe and secure.