The shortage of staff creates an urgency for organizations to have cyber security plans. For example, in 2021, the planned Kaseya ransomware attack happened on the 4th of July. Russian hackers knew there would be a staff shortage in the US. They used the company’s software to infiltrate the victims’ systems, using a zero-day vulnerability. As a result, the attack caused significant financial loss to 50 direct customers, and between 800 and 1,500 businesses down the chain.

It’s no secret that cloud service providers like AWS, Google Cloud, and Azure give teams incredible power and flexibility when it comes to delivering great solutions and user experiences to a global customer base. Leveraging the power of one or more clouds is often seen as a critical competency for an organization to succeed.

A vulnerability scan is an automated process that identifies vulnerabilities (security holes) in any software, operating system, or network that bad actors can exploit. In essence, it’s an integral component of vulnerability management focused on protecting businesses from breaches and the exposure of sensitive data.

Today organizations have been able to recognize over the years the benefits of implementing a Cloud-based SIEM Service in terms of scalability, cost, and security. However, before operating in the cloud, you should know what architecture you need to adopt to protect your business and your customers’ data. Intending to help you implement a cost-effective SaaS SIEM Service, we share the advantages of multi-tenant over a single-tenant cloud architecture.

If you haven't heard the gospel of risk-based alerting (RBA) in a SIEM context, by the end of this sermon you'll see why you’ll want it running in your environment yesterday, whether you're an analyst, an engineer, or in leadership.

That’s right all, it’s time for the latest MITRE Engenuity ATT&CK® evaluation. As we have come to expect each year, Elastic — along with other security vendors — are evaluated by MITRE Engenuity, a tech foundation that brings MITRE research to the public. The evaluation focuses on emulating techniques from the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to assess vendor protection capabilities.

Cyberattacks are fast becoming a part of our daily lives. Multiple sources such as Norton Security and Forbes suggest that since the pandemic, attacks are not only increasing in number, but they are becoming more targeted and sophisticated. The attackers using Ransomware as a Service and double extortion techniques are prime examples of how sophisticated attacks are becoming these days. Norton Security states that there are more than 2,200 cyberattacks on a daily basis.