“As we expand, it’s critical for our team to have both a fast and automated rollout process for each customer environment. In the end, each of our user’s access experience must be identical. Rancher is one product that’s critical to that strategy.” – Jeff Klink, VP Engineering, Cloud and Security Specialist, Sera4 Security worries keep many of us awake at night – no matter our industry.

If you want to skip ahead to see the MITRE ATT&CK eval round 2 results visualized in an easy-to-configure Kibana dashboard, check it out here.

Six months ago we celebrated the joining of forces between Endgame and Elastic under the banner of Elastic Security and announced the elimination of per endpoint pricing. Simultaneously, while the newest members of Elastic Security were getting acquainted with the Elastic SIEM team, a few of our analysts were locked away in an office at MITRE HQ for round 2 of MITRE’s APT emulation.

Ransomware is a serious threat to institutions of all kinds, resulting in mounting costs for organizations that must literally pay ransom to regain access to their essential systems. A ransomware attack takes place when a cybercriminal denies an organization access to the data it needs to conduct business, usually by encrypting the data with a secret key. The attacker then offers to reveal the encryption key in exchange for a payment. The payment can vary in amount or kind.

In the previous blog of this series, we discussed how monitoring SQL Server activities helps secure databases. The database security can further be reinforced by carefully configuring the authentication and authorization mechanisms for database accesses. In this blog, we’ll briefly explain the various authorization and authentication mechanisms of SQL Server and some best practices you can follow.

Over the past several years, telecommuting, or remote work, has gained significant traction across a wide variety of industries. According to a recent survey conducted by OWL Labs, 48 percent of employees worked from home at least once a week in 2019, and 34 percent were even willing to take a pay cut in order to work remotely.

Designing and maintaining networks is hard. When deploying Kubernetes in your on-prem data center, you will need to answer a basic question: Should it be an overlay network on top of an existing network, or should it be part of an existing network? The Networking options table provides guidelines to choose the right type of networking based on various factors.

Potential attackers are really good at what they do. Security analysts see this firsthand with the amount of phishing emails their organizations see daily. A newly released State of the Phish report reveals that nearly 90% of organizations dealt with business email compromise (BEC) attacks in 2019. End users reported 9.2 million suspicious phishing emails globally for the year.