Devo Security Operations Product Introduction
Devo Security Operations reinvents the SIEM and empowers analysts to focus on the threats that matter most to the business.
Devo Security Operations - Threat Hunting
Threat hunting is an essential component of any defense strategy and with Devo Security Operations, threat hunting is easily accomplished. The threat hunting module in Security Operations enables analysts to quickly find evidence of adversaries within their network.
Devo Security Operations - Alert Triage
Security Operations improves SOC operations, from identification to response, by allowing analysts to gain complete visibility, reduce the noise, and focus on the threats that matter most. Instead of simply prioritizing alerts, Security Operations prioritizes what the analysts should investigate.
HIPAA Privacy Rule Summary and Compliance Tips
The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) establishes a set of national standards for the protection of patients' rights and certain health information. Its standards address the use and disclosure of individuals' health information, known as protected health information or PHI by organizations subject to the Privacy Rule, as well as standards for an individual's rights to understand and control how their health data is used.
Devo Security Operations - Investigations
Devo Security Operations arms the analyst with a solution that gives them total visibility into security incidents. The net effect is that adversaries are quickly rooted out and analysts become significantly more effective as they work on only the data that matters.
What is HSTS (HTTP Strict Transport Security)?
HTTP Strict Transport Security (HSTS) is a web security policy mechanism that enables web sites to declare themselves accessible only via secure connections. This helps protect websites and users from protocol downgrade and cookie hijacking attacks.
Puerto Rico government falls for $2.6 million email scam
As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals. According to media reports, the government of the US island territory has lost more than US $2.6 million after falling for the type of email scam that has plagued companies and organisations around the world.
Key security functions of unified endpoint management
As part of digital transformation, the adoption of a wide range of devices for work is on the rise. A unified endpoint management (UEM) solution is capable of enforcing management policies and configurations, as well as securing endpoints. In a previous blog, we reviewed the capabilities of a good UEM solution. In this instalment, we look at UEM security features.
MOSE: Using Configuration Management for Offensive and Defensive Security
Post-exploitation can be one of the most time-consuming but worthwhile tasks that an offensive security professional engages in. Fundamentally, it is where you are able to demonstrate what an adversary may do if they compromise a business. A big component of this is trying to get as far as you can without alerting the defenders to what you’re doing.
Playing defense against Gamaredon Group
For several months, the Intelligence & Analytics team at Elastic Security has tracked an ongoing adversary campaign appearing to target Ukranian government officials. Based on our monitoring, we believe Gamaredon Group, a suspected Russia-based threat group, is behind this campaign. Our observations suggest a significant overlap between tactics, techniques, and procedures (TTPs) included within this campaign and public reporting.