Throughout this blog, we often write about both FedRAMP and CMMC as cybersecurity frameworks applied to the federal government and its contractors. These frameworks share a lot of the same DNA stemming from the same resources, and they share the same goal of making the federal government more secure. One significant question you may have, though, is one of practicality. Do CMMC and FedRAMP have reciprocity?

It is human nature to think “oh, that will never happen to us!”. Whether it is a car accident, an IRS audit, or the loss of a job, we can never really feel immune from misfortune or adversity that may come our way. Much in the same way, the threat from cyberattacks is no longer a rare occurrence confined to large corporations. Organizations of all sizes face mounting challenges in an environment where cybercrime is increasingly sophisticated and disruptive.

The evolution of artificial intelligence has been rapid thus far. By 2030 the AI market is projected to reach $1.81 trillion. Technology supported by AI has been useful in many areas of life such as education, healthcare, or finance. That is reflected by the rate of AI adoption by organizations being 72% (2024). Even if you just look around you – many people use tools like ChatGPT for daily life or work, AI helps with email management or studying. What do these advancements in AI bring to DevOps?

Zeek is a powerful open-source network analysis tool that allows users to monitor traffic and detect malicious activities. Users can write packages to detect cybersecurity events, like this GitHub repo that detects C2 from AgentTesla (a well-known malware family). Automating summarization and documentation using AI is often helpful when analyzing Zeek packages.

A SOC of the future is a resilient SOC that fosters a collaborative and proactive cybersecurity approach with a modern technology foundation. At the core of the SOC of the future is a unified threat detection, investigation, and response (TDIR) platform, representing the real-world requirements for how tools contribute to the SOC’s mission and strategy, providing integration and efficient process execution. The foundation for the unified TDIR platform is a modern SIEM.

The 2024 Verizon Data Breach Investigations Report (DBIR) found that compromised credentials consistently appeared as a key attack enabler – with almost 77% of web app breaches enabled by stolen credentials. Organizations are scrambling to protect credentials, and Just-In-Time (JIT) access has emerged as an effective strategy to address these challenges. JIT access grants elevated permissions only when necessary, minimizing the attack surface and reducing the risk of unauthorized access.

For the second year in a row, TMCnet, a global, integrated media company, has recognized WatchGuard EPDR + Zero-Trust Application Service with a Zero Trust Security Excellence Award. The award recognizes the leaders and pioneers in the zero trust industry offering the most innovative and effective solutions.