Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Windows kernel driver is an interesting space that falls between persistence and privilege escalation. The origins of a vulnerable driver being used to elevate privileges may have begun in the gaming community as a way to hack or cheat in games, but also has potential beginnings with Stuxnet.

Through my career, I have been “fortunate” to work on some of the greatest national security challenges, ranging from weapons of mass destruction proliferation to terrorism to cyber insecurity. AI represents our newest challenge but will most comprehensively impact society.

In our first blog in the Splunk RBA series, we introduced Risk-Based Alerting (RBA) and covered the basic principles of RBA. In the rest of this series, we explain how you can plan and then implement RBA within your organization. Are your security teams drowning in data and overwhelmed with alerts? Are you thinking that there must be a better way, some esoteric or forbidden knowledge, to produce higher-fidelity alerts and keep your team from burning out?

This is the first post in a series on the pillars outlined in the new US National Cybersecurity Strategy. I review each pillar in turn, and then discuss how services such as Devo can help address the challenges outlined in that pillar.

L et’s start with this: Global research shows over half of organisations have had a data breach, and 62% suffer from unplanned downtime on a monthly basis. The recent research figures are a stark reminder of the prevalence and current nature of security threats. It may not come as a surprise to those who follow the constant stream of media reports detailing mistakes and malicious attacks.

Imparting your data to an organization, whether you are a private individual or another organization yourself, requires an incredible amount of trust. How can you be sure that they will handle your sensitive information properly? For specific industries, stringent standards and regulations are in place to ensure cybersecurity. For example, HIPAA for healthcare and PCI DSS for payment card processing companies reassure customers and companies that data is protected.

A vulnerability is any flaw or weakness within the technology system that cybercriminals can exploit to gain unauthorized access to a network, information assets and software applications. For any organization today, there are plenty of vulnerabilities. Knowing where and how vulnerabilities can exist, you can start to get ahead of them. So, let’s look at the 5 most important types of vulnerabilities.

ISO/IEC 27001 is the international standard on information security. It was established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to stipulate the framework for implementing Information Security Management Systems (ISMS) in an organized and risk-effective way. For this article, we’ll mostly refer to ISO 27001, but know that we’re referring to both ISO/IEC 27001. Got it? Let’s begin!

Data security is a major concern for almost everyone. From organizations to individuals, most of us who use or supply cloud-based services want to ensure that our information stays confidential and accessible. However, these concerns are amplified to national security when government data is the subject. That’s why the U.S.government has a stringent set of security requirements known as FedRAMP®. All cloud vendors that provide services to federal agencies must comply with these standards.