Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Securing Your Expanding Network Perimeter

Cybersecurity attacks, such as ransomware and phishing scams, have delivered crippling IT blows in the public sector for some time. And here’s the bad news—these attacks have proliferated in the days of COVID-19. A new report from Google found a 350% increase in phishing attacks since the beginning of the year. To better defend against today’s cyberattacks, state and local governments are increasingly exploring the benefits of software-defined networking (SDN).

Using Splunk to Detect Sunburst Backdoor

TL;DR: This blog contains some immediate guidance on using Splunk Core and Splunk Enterprise Security to protect (and detect activity on) your network from the Sunburst Backdoor malware delivered via SolarWinds Orion software. Splunk’s threat research team will release more guidance in the coming week. Also please note that you may see some malicious network activity but it may not mean your network is compromised. As always review carefully.

How a mobile device management solution can help with securing devices in the digital workspace

The past decade has witnessed many organizations adapting to a digital workspace, replacing the traditional physical offices setups with virtual workplaces encompassing all the technologies that employees require to get their work done. Because of the pandemic, even companies that were once against the concept of a distributed workforce have now been forced to embrace remote work. Though a digital workspace offers a more flexible user experience for employees, it comes with its own set of challenges.

Accelerate security investigations with Datadog Threat Intelligence

Attackers (i.e., threat actors) often reuse techniques or resources, such as IP addresses, hashes, and domains, in multiple attempts to find and exploit vulnerabilities in your systems. Defenders can categorize this data as indicators of compromise (IOCs) and create collections of IOCs in order to look out for potential attacks. These IOC collections are known as threat intelligence.

Enhance and automate your cybersecurity operations

Watch Keysight and Flowmon present a cybersecurity solution reaching into the layer one transmission and utilizing behavior analysis to identify a hacker’s fingerprint.  Keysight will give a high level explanation on how to build an efficient visibility architecture utilizing Taps and Network Packet Brokers. Keysight will then provide an introduction to Threat simulator, a breach and attack simulation platform, which will be used in the demonstration to provide realistic attack traffic to the Flowmon. 

Automatic correlation of FireEye red team tool countermeasure detections

Sumo Logic has reviewed the announced breach on December 8, 2020 by FireEye and their subsequent public release of over 300 countermeasure rules. We are continuing to analyze the available information and would like to share this update to all existing and prospective customers interested in how our Sumo Logic services can assist with this development.
Featured Post

12 Hybrid Cloud Security Threats That You Can Fix

When it comes to having a safe and secure multiple-cloud architecture, you'll need a hybrid cloud security mindset, which focuses on securing data wherever it may be. When done correctly, a hybrid cloud (private and public) can help make your company more productive while saving money. However, a secure hybrid cloud requires a well-thought-out plan, and plenty of focus on encryption and data access control. With that said, here are 12 of the most tedious security threats in hybrid cloud security that you can actually fix.

See and Secure containers on AWS Fargate

Tune into our #LinkedInLive event on December 9 from 11:30am-12pm PST and join Sysdig and Amazon Web Services (AWS) experts, Pawan Shankar and Eric Carter, to learn how to scan #AWS #Fargate containers in under 4 minutes with Sysdig Secure. Join this live discussion to learn how Sysdig Secure closes the visibility and security gap by providing the first automated #Fargate inline scanning.

New SAML Group Mapping Support

In July, we rolled out SolarWinds® Papertrail™ support for SAML v2.0. SAML authentication allows you to log into your Active Directory® domain or intranet and have immediate access to Papertrail, with no additional login required. Today we’re extending Papertrail SAML 2.0 support to include group mapping. Group mapping allows you to define organization and product roles, and grant access to logs and billings plans, by adding an account to an identify provider group.