Operations | Monitoring | ITSM | DevOps | Cloud

Supporting legacy applications is problematic for several reasons. These aging systems are becoming increasingly obsolete and difficult to maintain. They use outdated software languages and unsupported hardware parts—some as much as 50 years old. As they age, they introduce cybersecurity risk and are less effective at accomplishing their intended purpose. While achieving application modernization isn’t without its challenges, the benefits are considerable.

Modern day Security Information and Event Management (SIEM) tooling enterprise security technology combine systems together for a comprehensive view of IT security. This can be tricky, so we’ve put together a simple SIEM tutorial to help you understand what a great SIEM provider will do for you. A SIEM’s responsibility is to collect, store, analyze, investigate and report on log and other data for incident response, forensics and regulatory compliance purposes.

Cybersecurity Infrastructure Security Agency (CISA) released Alert (AA20-302A) on October 28th called “Ransomware Activity Targeting the Healthcare and Public Health Sector.” This alert details TTPs associated with ongoing and possible imminent attacks against the Healthcare sector, and is a joint advisory in coordination with other U.S. Government agencies.

Several weeks ago, my good friend Katie Nickels (Director of Intelligence at Red Canary extraordinaire) and I were chatting about Ransomware. She was super interested and passionate about some new uses of a ransomware variant named “Ryuk” (first detected in 2018 and named after a manga/anime character) [1]. I was, to be honest, much less interested. It turns out, as usual, Katie was right; this was a big deal (although as you will see, I’m right too… still dull stuff!).

Since 2004, October has been designated by the National Cybersecurity Alliance as National Cybersecurity Awareness Month (NCSAM). Immediately, the mind wanders to supercomputers creating unbreakable algorithms against adversaries with unlimited compute power. This virtual landscape is happening today, and the arms race on both sides is something we’ll have to grapple with for the foreseeable future.

While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information.

From credential theft to network vulnerability exploitation and ransomware incidents on highly secure organizations, the year 2020 has been surprisingly rough on IT security. In the wake of the COVID-19 pandemic, companies around the world are reporting more cyberattacks than ever before, and although the techniques used or the method of attack may be new, the vectors of attack over the years remain unchanged.

We’re excited to announce that Calico Enterprise, the leading solution for Kubernetes networking, security and observability in hybrid and multi-cloud environments, now includes encryption for data-in-transit.

File sharing is a method used by some organizations where multiple employees have access to the same files. How the files are accessed does vary depending on the user environment. The files could be shared between two computers, where the files are stored on one computer and another user accesses them from their workstation. The files might be stored on a network file server instead of on a local workstation.