When thinking about many of the worst data breaches we’ve seen so far (Equifax, CapitalOne, Target, Home Depot, and more), there was one common element: The attacks were not detected while they were active on the internal networks. It’s easy to think of the internal network as what’s onsite and directly in control. However, an organizations internal network also includes what extends beyond what’s on-premises, like instances within the public cloud and off-site hosted data centers.

In advance of the RSA Conference 2020, we wanted to get a pulse of attendees’ perceptions on a few topics, specifically challenges facing modern SOCs (security operations centers) and the value they are getting from technologies such as analytics, automation, and their SIEM tools. To get this, we fielded a series of questions to the Twitter-verse and received nearly 17,000 votes! After going through the results, we found a few interesting things…

The tongue-in-cheek named malware detection tool, Yet Another Recursive Acronym (YARA) is described as “the pattern-matching Swiss Army knife for malware researchers (and everyone else)”. The Sumo Logic Cloud SIEM Enterprise platform is one of the first SIEM solutions to incorporate it as a built-in feature. This gives blue teamers an additional layer of detection built into the SIEM.

SaaS adoption is continuously on the rise and so is the number of companies migrating their email services to Microsoft Office365. It’s the most popular SaaS service and while over 90% of enterprises use it, only less than a quarter of them have already migrated to the cloud-based suite. Nonetheless, this number is growing steadily, as cloud adoption rates are increasing.

I have a confession to make. I was going to use this blog to wax poetically about the flaw inherent in the well-established notion of the Three Pillars of Observability. I was going to argue that a fourth pillar was badly needed: topological metadata. In other words, without annotating each data stream across the three common data types with a pointer to where that data in the deployment topology was coming from, all you have is a lot of data with no chance of making sense of it.

In 2010, cloud computing just started to lead the IT revolution. It’s 2020 and the cloud is already mainstream. If you’re not running your business in virtual yet, you’re missing out on huge profit opportunities and capabilities that the cloud has to offer. Adopting a cloud strategy brings better security, increased stability and overall greater flexibility for your organization.