Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A SIEM solution has become an integral part of an organization’s security arsenal. But organizations often overlook the system’s capabilities, owing to a belief that SIEM functionalities are too complex and the architecture inscrutable. Regrettably, they neglect to meet the requirements of their organization with the features of the product. For instance, an organization that deals with the credit card information of customers needs to comply with the PCI-DSS requirement.

Financial organizations employ the process of customer due diligence to gather and assess pertinent data about current and prospective clients. By analyzing data from many sources, it seeks to identify any possible risks to the financial institution associated with doing business with a certain organization or person.

Unlike before, software used to come in a compact disk and be distributed through stores, today’s software distribution process is simplified as you can buy them online. Cybercriminals actively look for files to tamper with. If they get the source code of your software, inserting malware into the software will not take long. Hence, code signing is essential to save your users from such attacks.

“Knowing what’s on your network is the first step for any organization to reduce risk.” -CISA Director, Jen Easterly. On October 3, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks.

Welcome to the final episode in our blog series focused on Mobile Endpoint Security. The first two episodes detailed the protections necessary to secure data accessed by remote workers (Endpoint security and remote work) and best practices for combating the threat of ransomware 5 ways to prevent Ransomware attacks).

Have you ever heard an IT security pro talk about their POA&M and wondered what they meant? You’re not alone. Many security consultants and engineers are uncertain about the meaning of the acronym “POA&M”. It stands for Plan of Actions and Milestones. It’s a commonplace term within military and defense working environments.

A Denial-of-Service (DoS) is an attack meant to shut down a machine or network, making it inaccessible to its intended users, so dos Kubernetes is a potential target. In the case of Distributed Denial-of-Service (DDoS), the attacker will look to maintain some form of anonymity so their activities cannot be traced. They can route traffic through Tor and VPN infrastructure to scan, attack, or compromise the target, while maintaining anonymous communications.

Protecting data is more mission-critical to businesses than ever before. Nearly every business process is tied to data, meaning that security teams need to streamline their monitoring, detection, and investigation processes. Centralized log management gives security teams the resources they need when they need them. Understanding how to use your log management solution for security monitoring can help you successfully mitigate risk and reduce cost.

In a previous article, I wrote about how — and why — you might want to use the Google Open Source group’s Jib tool to build your Java application container images. Jib builds slim, JVM-based, OCI-compliant images that follow best practice guidelines without the need for a container runtime like Docker, and it removes the need to write and manage Dockerfiles. What if you are building Go applications, though?

DirtyCred is a new Linux kernel exploitation technique that allows kernel Use After Free (UAF) or Double free vulnerabilities to swap a credential or file structure on the kernel heap memory to escalate privileges to root. The replaced credential or file structure provides root access on a Linux host and breaks out of the container at the same time. Ph.D.