Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Monitoring

Best practices for monitoring authentication logs

If you are running a user-facing web application, you likely implement some form of authentication flow to allow users to log in securely. You may even use multiple systems and methods for different purposes or separate groups of users. For example, employees might use OAuth-based authentication managed by a company-provided Google account to log in to internal services while customers can use a username and password system or their own Google credentials.

Agent vs Agentless Monitoring: Why We Chose Agentless

When we set out to create a cloud-based tool for configuration monitoring, we used the tools we knew and wrote UpGuard using JRuby. For our application, JRuby had many good qualities: getting started only required a one line install, the agent only needed to talk out on port 443, and it was platform agnostic. Using JRuby we demonstrated the value of system visibility, attracted our first cohort of customers, and raised the funds to expand UpGuard.

Share Datadog dashboards securely with anyone outside of your organization

Datadog dashboards provide a unified view of your application, infrastructure, and business data, giving stakeholders the context they need to make decisions. Sharing dashboards publicly is useful when you want to make them easily accessible to a large audience. But oftentimes, your dashboards include sensitive information, which is why you need finer-grained controls over the data you share—and who you share it with.

ISO 27001: Should You Expect it From Your API Vendors?

ISO 27001 is a way for companies to prove a certain standard of security to their customers. You may recognize ISO as the standards body that issues international standards and classifiers for all kinds of products and services, including date and time standards, country and currency codes, and structural systems—like the ones we’ll be discussing in this article.

Collect and monitor Microsoft 365 audit logs with Datadog

Microsoft 365 is a suite of cloud-based productivity and communication services that includes Microsoft Office applications (including OneNote and OneDrive) as well as other popular Microsoft tools like Skype and Teams. Microsoft 365 tools and services are at the core of many organizations’ data management and day-to-day workflows, so monitoring activity across your environment is key to making sure that these services remain secure and meet compliance standards.

Smoothing the Bumps of Onboarding Threat Indicators into Splunk Enterprise Security

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).

Integrate Datadog Compliance Monitoring with your AWS Well-Architected workloads

Many of our customers rely on the Amazon Web Services (AWS) Well-Architected Framework as a guide to build safe, secure, and performant applications in the cloud. AWS offers the Well-Architected Review (WAR) Tool as a centralized way to track and trend adherence to Well-Architected best practices. It allows users to define workloads and answer a set of questions regarding operational excellence, security, reliability, performance efficiency, and cost optimization.

How to Enable Detection Rules via Elastic Security - Version 7.10

The detection engine brings automated threat detection to the Elastic Stack through the Security app in Kibana. As part of our belief in the power of open-source, Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. In this video, you’ll learn more about the detection engine and how to automate the protection of your data.

Maximize Card Profitability and Sleigh Payment Fraud Attacks with Transaction Intelligence

It’s a busy season for card issuers, card networks and payment service providers. Transaction and purchase volumes are rising across mobile and online channels — with Black Friday and Cyber Monday e-commerce sales up 15% from last year. Despite this holiday season’s resilient e-commerce sales, organizations must continue to find ways to maximize transactions and card profitability in the face of reduced in-store purchase volumes, interest margins, fees and interchange revenues.

SUNBURST Backdoor: What to look for in your logs now - Interview with an incident responder

Yesterday, FireEye published a report about a global intrusion campaign that utilized a backdoor planted in SolarWinds Orion. Attackers gained access to the download servers of Orion. They managed to infect signed installers downloaded by Orion users who had all reason to believe that the packages are safe and had not been tampered with. With this information out in the world, teams are scrambling to investigate if their environments are affected by this breach.