Open source security tools are no longer experimental or only used by hobbyists. They protect some of the largest global enterprises and critical digital infrastructure. This evolution occurred more rapidly than anyone imagined or predicted.

The need for fast incident response is a given. No industry professional would deny how critical a rapid response is when dealing with a cyber threat and an incident. However, it is equally important to understand that the quickest response is not always the best in cybersecurity. Security operations centers (SOCs) and organizations must factor in other variables, too, when preparing for the inevitable, as recent cyber stats suggest.

Almost every day we hear of another data breach. There has been no shortage of headline-hitting breaches here in Australia, such as Medibank and Optus. The old-school method of ransomware encrypting any data it has access to and requesting a ransom for the decryption key to restore data has evolved. It is now a more insidious and far-reaching problem involving bad actors exfiltrating data and requesting a ransom to keep from exposing that data publicly.

Security can often be distilled down to protecting data. And with microservice-driven applications, the approach to cloud database security has evolved quite dramatically. Beyond just securing data in the cloud, it’s now also difficult to know where the data resides, where the data is flowing, and how this data should be classified.

As companies increasingly move to microservices, they discover the security challenges they pose. Learn about security in a microservices architecture, and about security best practices to ensure your microservices application is secure.

When we hear the term “Credential Access” our detection engineer thoughts typically turn to the Windows LSASS Process and tools like Mimikatz. Recently, however, researchers have drawn our attention to Microsoft Office processes. These processes also store credential material, in the form of access tokens.