
Threat Detection

Bullet-Proofing Serverless Infrastructures with Failure and Threat Detection

When building cloud-based systems and serverless systems, in particular, it’s crucial to stay on top of things. Your infrastructure will be miles away from you and not a device you hold in your hands like when you build a frontend. That’s why adding a monitoring solution to your stack, which offers a pre-configured serverless failure detection, should be one of the first decisions.

Secure Your Endpoints with Sophos & Logz.io

Intercept X is Sophos’ endpoint security solution, including anti-ransomware, zero-day exploit prevention, plus managed endpoint defense and response. It employs a layered approach reliant on multiple security techniques for endpoint detection and response (EDR). Those tactics include app lockdown, data loss prevention, web control and malware detection.

Runtime Threat Detection on AWS

Tune in to our #LinkedInLive event on Jan 12 at 10 am PST and join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.

How to Enable Detection Rules via Elastic Security - Version 7.10

The detection engine brings automated threat detection to the Elastic Stack through the Security app in Kibana. As part of our belief in the power of open-source, Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. In this video, you’ll learn more about the detection engine and how to automate the protection of your data.

AWS threat detection using CloudTrail and Sysdig Secure

Implementing AWS threat detection with Sysdig Secure takes just a few minutes. Discover how to improve the security of your cloud infrastructure using AWS CloudTrail and Sysdig Cloud Connector. With the rise of microservices and DevOps practices, a new level of dangerous actors threatens the cloud environment that governs all of your infrastructure. A malicious or inattentive cloud API request could have a sizable impact on availability, performance, and last but not least, billing.

Using Private Threat Intelligence Feeds on Hidden Security Attacks with Logz.io

Oftentimes, security attacks that were clearly recorded in logs go unnoticed. They are obscured by the large sea of log data created by most modern cloud environments. In some cases, like during a DDoS attack, there will be a huge spike in logs, so it will be very clear what happened. In other situations, just a few logs will document the attack. Finding these logs can be like finding a needle in a haystack. But if you know what to look for, it doesn’t need to be so hard to spot these attacks.

Guard Your Business Like a Warrior with These 10 Tools

Cybersecurity has been a core issue in business management and growth. As businesses try to manage more remote teams, it’s important now more than ever. With technology becoming an integral part of our everyday lives, we’re exposed to an ever-growing risk of cyber-attacks and malicious technological crimes. According to a recent study, on average, hack attacks occur every 39 seconds. That is, one in three Americans is a victim of cybercrime every year.

Practical security engineering: Stateful detection

Detection engineering at Elastic is both a set of reliable principles — or methodologies — and a collection of effective tools. In this series, we’ll share some of the foundational concepts that we’ve discovered over time to deliver resilient detection logic. In this blog post, we will share a concept we call stateful detection and explain why it's important for detection.

Email security in the post-COVID-19 era

Following the outbreak of COVID-19, organizations around the world have rapidly adopted remote work policies, making email communication more important than ever for disparate teams to collaborate. This has made it convenient for threat actors to launch email-based cyberattacks. The FBI has issued a public service announcement in which it revealed that it is anticipating business email compromise (BEC) attacks related to the COVID-19 crisis to increase. Hence, it's imperative for businesses to strengthen email security to mitigate email-borne threats.

4 Reasons Why IT Risk Detection is Critical in the Service Desk

In the previous blog, I discussed how IT risks can infiltrate the service desk if proper incident, problem, and change management aren’t applied. But, IT risk detection in the service desk can act as a safeguard to avoid this. It can help notify service technicians of “prohibited” or questionable items that could cause problems. Here are four reasons why IT risk detection should be incorporated and is critical for successful use of the service desk.