Take a glance at social media on any given day, and we’ll hear from commentators stating that there is a (cyber) skills gap and that it must be addressed if we are to meet the challenges we are all increasingly facing. Let’s be clear about something before we continue. If we are saying that there is a skills gap, then there are organizations out there that are ready to hire cybersecurity professionals now.
Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. Exploiting these untrained users is easier than finding a flaw or vulnerability in the equipment that an enterprise uses to secure its network. Attackers could trick unsuspecting users into unintentionally providing access to the enterprise network or exposing sensitive information.
The US federal government has increasingly focused on supply chain security in recent years, which puts added pressure on subcontractors to not be the weakest link. Due to the nature of federal contracts, government contractors typically possess data called Controlled Unclassified Information, or CUI, if they supply goods or services directly to the federal government.
Amid a growing network of endpoints to support telework and cloud-based applications, US federal civilian agencies are protecting government resilience and resources with a new Continuous Diagnostics and Mitigation Dashboard (CDM Dashboard) built on the Elastic search platform. At a recent MeriTalk Cyber Central: Defenders Unite event, participants learned about how Elastic, in partnership with ECS, enables security operations center (SOC) teams with cyber visibility at speed and scale.
Social engineering is an insidious way of getting "insider access" into an organization's network and data. Threat actors use it to gain sweeping access to carry out sophisticated attacks while evading detection. This "insider" leeway of social engineering makes it an alarming threat that cybercriminals are routinely exploiting now more than ever.
This blog post is part thirty of the "Hunting with Splunk: The Basics" series. Shannon Davis provided the first half of this blog on pipe hunting in part twenty-nine, and will now run through the second half! – Ryan Kovar