Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR — extended detection and response — is as an opportunity to take a fresh look at some old problems and gain clarity.

When assessing the corporate governance of modern companies, one cannot help but note the obvious problems with information security. To solve these problems, it is crucial to carry out initiatives that, on the one hand, are complex, multifaceted, and nonobvious, and on the other, assume the involvement of all employees of the company, including the heads of key departments.

This blog is part three in a series about identity-based access and management of AWS resources. In Part I, we covered how to use OSS Teleport to access Amazon EC2 instances running in private subnets. Part II explained implementing identity-based access via SSO integration with Okta. In Part III, we will guide you through the steps to configure privilege escalation for just-in-time access requests.

There’s a saying in the cybersecurity community which states that just because you are compliant doesn’t mean that you are secure. Over the years, many images have been used to illustrate the point. One memorable image is that of a nude bicyclist wearing a helmet. By all standards, that is the epitome of “compliant, but not secure”. Many organizations have shifted the focus away from merely achieving compliance, to being both compliant and secure.

According to the 2021 Devo SOC Performance ReportTM — which is based on the results of a survey of more than 1,000 security practitioners — having an understaffed SOC or constant turnover of security talent can cripple an organization’s security posture. Let’s look at some of the root causes that can lead to these two interconnected problems.

With the CIA Triad, confidentiality commands much of the attention. Organizations fret over the unauthorized disclosure of their data, so they try to reduce the risks of that type of an incident. In so doing, however, enterprises commonly overlook the other two, integrity in particular. Ron Ross, a fellow at the National Institute of Standards and Technology (NIST), thinks it’s a mistake for organizations to forget about integrity.

The world has changed. The COVID-19 pandemic has dramatically increased the number of teams that are working with a remote and distributed model. This change is a welcome acceleration of what many feel would have been the eventual outcome of our digital future. With this new model comes a new and changing set of security challenges.