Pop quiz: An employee just submitted a ticket to IT about recurring application crashes. When IT finally gets back to them, what is the first thing they ask? Answer: “When did you last update your device?” If this rings true, there is a reason. Outdated devices and applications can quickly detract from digital employee experience and IT notoriously struggles to detect and resolve these issues at scale.

In a recent post by the Splunk Threat Research team, we addressed permanent and temporary token/credential abuse in AWS and how to mitigate credential exposure. With 94% of Enterprises using a cloud service, and some using at least five different cloud platforms, it’s imperative to stay ahead of threats across multicloud environments. Let’s now turn our attention to Google Cloud Platform (GCP) and how to detect and mitigate OAuth Token Abuse.

Your monitoring system provides a comprehensive overview of any infrastructure. To effectively monitor your infrastructure and systems, you’ll need to get all of your data into one place - regardless if you have 1 node or 10 nodes. This centralization of data inevitably creates a vulnerable point that attackers can potentially target and exploit. In this article, we look at how to design your infrastructure in a secure way, as well as focus in on how to secure your nodes.

After installing the Coralogix Security Traffic Analyzer (STA) and choosing a mirroring strategy suitable for your organization needs (if not, you can start by reading this) the next step would be to set the mirroring configuration in AWS.

Every day we discover new vulnerabilities in our systems, cracks in the fence the adversaries take advantage of to get into your organization and wreak havoc. Understanding what you have in your environment (e.g., types of devices, systems equipment, etc.) is very important in order to make sure the controls in place are working and more importantly, keeping up with the threat landscape.

Security and data breaches continue to be among the top concerns of organizations around the world. As a SaaS provider, we always make the information security of our customers our top consideration and build service and the operational controls around it, all while striving to adhere to the best security practices the industry has established.

This latest update to EventSentry improves your security posture with validation scripts, simplifies IT troubleshooting for both administrators and users, gives you visibility into installed browser extensions along with many other usability improvements in the web reports.