
Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

What Is a DDoS Attack?

Imagine the following scenario: you’re running a small corporate website, and suddenly, your service becomes unreachable, throwing a 503 (service unavailable) HTTP error at your customers and website visitors. The irritated messages start flooding in to support. Worried, you walk through the usual administrative checks, to make sure it’s not what you think it is. Is the webhost up?

Industry best practices for endpoint security

Lately, hackers on the lookout for vulnerable systems have kept the IT industry busy. While various OS and software vendors strive to keep their users’ data intact by providing timely updates, manually securing endpoints by applying these updates is challenging due to factors such as time, staffing, and IT budgets. To help admins out, we’ve compiled a list of some industry best practices you can implement to stay vigilant against cyberattacks and data theft.

Pokemon Co. International and Sumo Logic's Joint Journey to Build a Modern Day SOC

The world is changing. The way we do business, the way we communicate, and the way we secure the enterprise are all vastly different today than they were 20 years ago. This natural evolution of technology innovation is powered by the cloud, which has not only freed teams from on-premises security infrastructure, but has also provided them with the resources and agility needed to automate mundane tasks.

Combining Threat Detection with Artificial Intelligence, Logz.io Launches Security Analytics App for ELK Stack on its Continuous Operations Platform

Boston and Tel Aviv, October 24, 2018 — Logz.io, the leader in AI-powered log analysis, releases the first robust security application built on the open source ELK Stack, bringing powerful and scalable security monitoring and analysis directly into the DevOps workflow.

A Deeper Dive into Logz.io Security Analytics

Facing the growing threat of cybercrime, and to answer compliance requirements, more and more organizations are looking at their DevOps and Operations teams to implement security. The term “security”, however, often triggers negative feelings among engineers. The reason for this is that security is associated with siloed, sequential and complicated processes — all roadblocks to fast development and deployment.

Announcing Logz.io Security Analytics

We founded Logz.io four years ago with a vision to provide a platform for engineers like us to operate the next generation of applications and infrastructure. As engineers, we experienced firsthand the challenges of running large-scale, open-source tools and the frustration of dealing with slow, proprietary tools which were not designed to support the rapidly changing technology stack we operated.

Splunk Everywhere! State and Local Government

State and local governments are looking to embrace new technological innovations so they can deliver on-demand citizen services, extend cyber security and gain real-time situational awareness. Splunk allows these organizations to bridge the operational visibility gap created by siloed machine data, giving users a platform to aggregate and correlate their data for end to end visibility across all of their systems.

Detecting jQuery File Upload vulnerability using Falco (CVE-2018-9206)

In the past few days, a new vulnerability was disclosed in a widely used component – the jQuery File Upload plugin. A change in Apache’s Web Server security setting handling exposed users of this plugin to an unrestricted file upload flaw. Let’s dig in on how to detect the jQuery File Upload vulnerability (CVE-2018-9206) using Falco.