The cybercrime threatscape is constantly changing as hackers adapt and repurpose the use of many different types of tools and attack vectors, and a recent report by Kaspersky Lab indicates that the use of remote administration tools (RATs) has increased during 2018. RATs are commonly developed as legitimate software suites with bundled functionalities to support system administrators and other power users.

PowerShell had its beginnings as a way to enable administrators to perform their tasks both locally and remotely with unprecedented access to underlying Windows components, such as COM objects and WMI. Since being included in every major Windows Operating System since Windows 7, PowerShell based tooling is well proliferated for both legitimate and malicious use and includes common tooling such as SharpSploit, PowerSploit, PowerShell Empire, Nishang and Invoke-Obfuscation.

We are excited to announce a new solution for our customers to monitor the performance, availability, and security of their Zoom video conferencing service. The Sumo Logic for Zoom app is available today in our app catalog. This new app will be added to our ‘Work From Home’ solution which is available for free, with no obligation.

What a world! In February, everyone was busy minding their own business, but since March, the entire globe suddenly focused on the same challenge. The COVID-19 pandemic has taken our businesses and private lives by storm. The outbreak surprised everyone - a surprise hardly any business was prepared for. It brought country-wide lockdowns for quarantine, office closures and enforced teleworking, which are now commonplace.

In times when a majority of employees are working from home due to the global coronavirus pandemic, enterprises are extensively relying on collaboration tools like Zoom to keep their employees productive and engaged. Only in March, the daily usage of Zoom Videos increased over 5 times. The platform made it easy for company employees and clients to hop on meetings whenever needed and for schools and students to continue education online.

Today, we are facing an unprecedented situation. The COVID-19 pandemic is affecting everything we know -- our families, our businesses, our communities, and our way of life. In these tough times, many organizations have resorted to mandatory remote working for employees so they can still be productive and safe. Saas productivity tools like Zoom, Slack, G-Suite and Office 365 became seemingly mandatory in this new distributed workplace.

Alcide recently introduced Alcide kAudit, an automatic tool for analyzing Kubernetes Audit logs. This tool focuses on detecting non-compliant and anomalous behavior of users, automated service accounts and suspicious administration operations. Alcide’s recent integration with Sumo Logic enables users to gain full access to insights and real-time alerts from Alcide kAudit.

Like many of my peers, my role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRamp and the California Privacy Act (CCPA), now the majority of my time is focused on ensuring our employees safety and productivity, so they can continue to deliver products and support our customers and partners.

The first means to collect security-relevant information at Cloud SIEM Enterprise (CSE) was our Network Sensor. It was built to analyze network traffic and provide visibility beyond traditional SIEM's down to the network-level. Beyond organizing packets into flows, the sensor supports more advanced features such as decoding of common protocols, file carving, SSL certificate validation, OS fingerprinting, clustered deployment and more.

Today’s businesses spend more money on SaaS tools than on laptops. On average, today’s employees use a minimum of eight different SaaS tools. The security implications of this robust cloud landscape cannot be neglected and we trust you are fully aware of it already. As an IT leader, you are responsible for keeping your company’s cloud infrastructure secure, but with the multitude of cloud apps businesses use on a daily basis, you have less and less control of that security landscape.