If you’re reading this, you likely know what a log is, and what a metric is. But sometimes there are questions on their differences, whether you really need both, and if you should use dedicated solutions to manage each type. The answers? Yes, you need both; yes, they should be unified. Logs and metrics, aka machine data, are complementary.
Data breaches happen daily, many of which go undetected for months and even years. In this environment, having visibility into assets across the enterprise is paramount. This critical security need is termed “enterprise visibility” and has become a household name across the industry. The concept can take on a variety of meanings depending on the stakeholder you may be dealing with across the enterprise.
Across the board, security teams of every industry, organization size, and maturity level share at least one goal: they need to manage risk. Managing risk is not the same as solving the problem of cybersecurity once and for all, because there is simply no way to solve the problem once and for all. Attackers are constantly adapting, developing new and advanced attacks, and discovering new vulnerabilities.
SIEM security that is equipped with Artificial Intelligence (AI) and user behavior analytics can deal with internal threats. AI capabilities in SIEM help security professionals to automate tasks that are otherwise manual and repetitive. Doing so can also help to swiftly detect threats and suspicious activities in network traffic and event logs.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Social media take-overs can be quite disastrous, and a recent UK law inforcement breach certainly caused a lot of embarrassment.
Google Cloud Platform (GCP) includes a powerful resource hierarchy that establishes who owns a specific resource, and through which you can apply access controls and organizational policies. But understanding the GCP resource hierarchy can be hard. For example, what does a GCP Organization “look” like? What networks exist within it? Do specific resources violate established security policies? To which service accounts and groups visualizing do you have access?
On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.
As a vendor, Tripwire gets asked a lot of questions from customers and potential clients about how developments in the wider world might affect digital security. One of those forces that’s on everyone’s mind is Brexit. Representatives from some of our potential customers as well as our existing clients are asking us what to focus on and what to do. Specifically, they’re wondering how Brexit will affect their digital security efforts in general.
Here is a short communication tip that may help you in your daily interactions. How often have you “resent” an E-Mail? How often have you told a person that you will “send an invite”? You may be wondering why I am bringing this up in a post usually reserved for cybersecurity. Am I just being overly pedantic? Am I just a rigid grammarian? One could easily assert that (and my friends do so all the time, so feel free to jump on that bandwagon).
The elderly population in the U.S has been on a steady incline for the past few decades. With more seniors living longer new challenges arise. Unfortunately, many seniors become vulnerable to different types of abuse, neglect, and exploitation as they age. The National Council on Aging estimates that financial fraud and abuse against seniors costs older Americans up to $36.5 billion each year.
