How SIEM is evolving in 2020

The evolution of Security Information and Event Management (SIEM) is deeply intertwined with cloud computing, both through the technological breakthroughs the cloud provided and through its inherent security challenges. With the rise of cloud computing, we no longer rely on long-lived resources. An ephemeral infrastructure obscures the identity of its components, and even if you do have visibility, that doesn’t necessarily mean you can comprehend the meaning behind the components.

Coronavirus and Risk Management

As news and information regarding the coronavirus continue to emerge, the situation has raised many questions around pandemic and crisis planning for businesses. By investing now in the development, implementation, and maintenance of a viable business continuity management (BCM) program, organizations can provide the most effective approach to restoring and resuming critical and essential functions and processes.

Applying the Principles of Zero Trust to SSH

The Zero Trust approach to security is based not on where you are, but who you are. This model shifts the focus from network and perimeter-based security to identity-based access. In simple terms, this means: Zero Trust security provides a powerful approach to keeping an organization’s resources secure and usage auditable.

What is Zero Trust? A Model for More Effective Security

Zero Trust is an information security model that does not implicitly trust anything inside or outside its network perimeter. Instead, it requires authentication or verification before granting access to sensitive data or protected resources. The term Zero Trust was coined by John Kindervag at Forrester Research in 2009. Zero Trust security provides the visibility and security controls needed to secure, manage, and monitor every device, user, app, and network.

How Organizations Can Achieve Security Availability

We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services. But what happens when these systems fail? How much effort are we putting into planning and maintaining our security solutions to ensure they’re available when issues occur?

The Rush to Secure Remote Working

Many organisations are acting to prevent the spread of Coronavirus by allowing their employees to work from home. In order to be able to do so comfortably, and without introducing a component of risk, businesses should follow certain best practices that can guarantee their digital assets are just as secure with a remote workforce as they would be in-house. Unfortunately, cybercriminals have already started to take advantage of this pandemic.

Securing a New Way of Working: Monitoring Those Endpoints

With more and more endpoints accessing your network remotely, you should expect rapid increases in VPN connections and usage, as well as exponential usage of cloud-based services. There are numerous Splunk apps that can help you increase the monitoring of remote endpoints, but let’s showcase Splunk Security Essentials (SSE).