Micro Lesson: Managing Access Keys (how to)
This video shows you how to add and manage access keys using Sumo Logic.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Sumo Logic
Cloud-native SOAR and SIEM solutions pave the road to the modern SOC
The ever-evolving cyber threat landscape gives birth to new, unprecedented cyberattacks that challenge traditional cybersecurity approaches and force security operations centers (SOCs) to evolve and redefine their methods. To ensure that the integrity of their data is well-protected, SOCs have to be one step ahead of malicious actors. Ergo, the necessity of creating the modern SOC comes into play.
Adopt user analytics to accelerate security investigations
Machine data analytics is the process of parsing data generated by software from a wide variety of sources including servers, networks, applications and financial records. These, and many other similar sources, produce massive amounts of data including from local operating systems, identity/access management tools, cloud consoles and their associated log files, alerts, scripts and profiles.
Microlesson: Preprocessing Data for Ingestion into Cloud SIEM
Learn whether you need to set up log mappings, parsers, or field extraction rules to get the most out of your data with Sumo Logic and Cloud SIEM.
Why Sumo Logic Cloud SOAR
Modernizing security operations to handle current and evolving threats is critical to the success of every business. Sumo Logic Cloud SOAR is a security orchestration, automation and response solution used by enterprises and MSSPs to reduce incident response time, streamline workflows and boost SOC efficiency.
Monitoring your AWS environment for vulnerabilities and threat detection
Managing the security of your Amazon Web Services (AWS) environment requires constant vigilance. Your strategy should include identifying potential threats to your environment and proactively monitoring for vulnerabilities and system weaknesses that malicious actors might exploit. In a complex environment—such as your AWS account with a multitude of services, coupled with various architectures and applications—the ideal solution should be both comprehensive and straightforward.
How IHG modernized SecOps during the pandemic
During AWS re:Invent 21, I had the honor of hosting Phil Weeks, Senior technical advisor at IHG for an informative session on IHG’s security modernization journey during the pandemic which started with replacing a legacy SIEM.
Infrastructure is a disaster. The lessons from Log4J.
New day. New threat. New technology to combat said threat. Sound familiar? The threat landscape is continually evolving and getting more sophisticated, and, in an attempt to keep up, many organizations are quick to adopt the latest buzz-worthy product. This is a recipe for disaster.
Microlesson: Cloud SIEM Entities
Learn what Cloud SIEM Entities are and how they're used to generate Insights.
Log4Shell CVE-2021-44228
On December 10th, 2021, the National Vulnerability Database (NVD) published the CVE-2021-44228 documenting a vulnerability in the Apache log4j library Java Naming and Directory Interface (JNDI) lookup feature allowing for remote code execution by an attacker who is able to manipulate log messages. A proof of concept was released on December 9th, 2021, and active scanning and exploitation attempts have increased through the time of the publishing of this brief.