Cloud Security Posture Management
Arctic Wolf Cloud Security Posture Management security operations identify cloud resources at risk and provide guidance on hardening their posture, simplifying cloud security.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
2021 SANS Security Operations Center Report Offers Insight into Latest Industry Standards and Practices
A security operations center (SOC), which includes the people, processes, and technology needed to monitor, detect, analyze, and respond to cyber threats, is the foundation of many businesses’ cybersecurity. A SOC, however, is difficult to manage and maintain, requires significant budget and resources, and comes with many other challenges.
Using Arctic Wolf's Open Source Log4Shell Detection Script
After successful deployment to Arctic Wolf’s customer community of more than 2,300 organizations worldwide, Arctic Wolf’s Log4Shell Deep Scan is now publicly available on GitHub. Log4Shell Deep Scan enables detection of both CVE-2021-45046 and CVE-2021-44228 within nested JAR files, as well as WAR and EAR files.
Arctic Wolf Cloud Detection and Response
Cloud Detection and Response protects you from key cloud threats like account and business email compromise, ransomware, suspicious resource usage, and phished credentials. Arctic Wolf's Concierge Security® Team continually reviews your cloud posture and works to harden your environment over time. The cloud has changed the way we work. Accelerate your cloud transformation and have confidence your business is secure with Arctic Wolf Cloud Detection and Response.
Arctic Wolf Releases Open Source Log4Shell Detection Script
After successful deployment to Arctic Wolf’s customer community of more than 2,300 organizations worldwide, today we are making “Log4Shell Deep Scan” publicly available on GitHub. Log4Shell Deep Scan enables detection of both CVE-2021-45046 and CVE-2021-44228 within nested JAR files, as well as WAR and EAR files.
Understanding the Log4j Log4Shell Vulnerability
A zero-day threat is creating waves through the cybersecurity industry more than any other in years. On Thursday, December 9, security researchers published a proof-of-concept exploit code for CVE-2021-44228, a remote code execution vulnerability in Log4j, a Java logging library used in a significant number of internet applications. In the week since its discovery businesses worldwide are frantically trying to identify and mitigate the exploit, while security pros and experts are desperately attempting to release patches and guide organizations as new information becomes known.
Survey Underscores Challenges Companies Face in Managing Vulnerabilities
Vulnerability management remains a struggle for many companies and is still only an aspiration for many others. But with digital and cloud transformation rewriting the way many firms do business, the attack surface keeps expanding and becomes more difficult for organizations to protect their environments from growing threats.
Important Updates on Critical Log4j/Log4Shell Vulnerabilities
On Thursday, December 9, security researchers published a proof-of-concept exploit code for CVE-2021-44228, a remote code execution vulnerability in Log4j, a Java logging library used in a significant number of internet applications. Also known as Log4Shell, the situation is significant and continues to evolve, and the Cybersecurity and Infrastructure Security Agency is recommending immediate action.
5 Steps to Ace the FFIEC Assessment
Financial institutions are a rich target for cybercriminals, who scoop up sensitive personal information that allows them to open fake accounts and fraudulent lines of credit. According to research from services firm Accenture and the Ponemon Institute, the average annualized cost of cybercrime to financial institutions exceeds $18 million.
The Top Cyber Attacks of November 2021
One thing about the world of cybersecurity—it's seldom dull. The variety and creativity of cyberthieves keeps the industry constantly worth watching. November's roster of data breaches is an excellent illustration on that point: a mix of surprising methods, unusual motivations, and one old-fashioned data heist on one of the internet's most tempting targets.