Security teams need the ability to model their complex organizations by splitting data across multiple tenants while maintaining complete visibility throughout the entire infrastructure. At the same time, they must keep data segregated to maintain security and meet data residency and compliance requirements.

The Cybersecurity Maturity Model Certification (CMMC) seeks to help secure the Defense Industrial Base (DIB) supply chain by requiring contractors and subcontractors to standardize their security controls. With CMMC 2.0, the Office of the Under Secretary of the Defense Acquisition and Sustainment (OUSD(A&S)) designated National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 as the foundation of the framework.

Adoption of Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) applications means navigating the Shared Responsibility Model. Under the Shared Responsibility Model, the cloud services provider takes care of the infrastructure’s security, but you need to secure what happens within that environment. According to the State of Cloud Native Security Report, 50% of companies surveyed reported that maintaining comprehensive security remained a challenge.

As available software on the market increases, so do vulnerabilities. When a company's system is weak due to vulnerabilities in the software it uses, attackers take advantage of the situation to: This, in turn, causes the company to lose customers, reputation and money. To reduce threats, network personnel and system administrators are always on the front line, constantly patching the organization's software and operating systems. But to what end?

The Russian cyberattacks against the U.S. are ramping up in scope and volume. Last month, a hacking group claimed credit for cyberattacks hitting more than a dozen U.S. airports’ websites, temporarily rendering parts of the sites inaccessible to the public. State-sponsored actives in non-war conditions expend exorbitant efforts to disguise themselves to prevent attribution. They also purposefully limit the scope of their attacks.

Earlier this year, Splunk sponsored the report, "SOC 2025: The Future of Security Operations Centers" from Securosis, which is based on previously published blogs by analyst and president Mike Rothman (now with Techstrong Research).

Homomorphic encryption brings a whole new paradigm to encrypting data. In this article, I’ll explain homomorphic encryption, including.

Whether you are planning to use Graylog for security and threat hunting, IT Operations analysis and reporting, or any other use case, getting your logs into Graylog is essential. The process of log collection is sometimes a daunting task, especially if you are planning to collect massive amounts of data. But if you take a minute to answer some key questions before you begin, you can transform the log collection task from daunting to smooth sailing. Here we go with the questions…