Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Observability has gained a lot of momentum in the past year, be it full stack observability or data observability. Modern complex IT systems using clouds, microservices and serverless are easy to develop and deploy but extremely difficult to observe. These systems generate tremendous amounts of data and need an automated way of handling the volume. The next era of delivering customer experience is underpinned by the full stack observability capability.

In September 2021, the Indian Markets Regulator, Security, and Exchanges Board of India (SEBI) banned an employee of an Indian MNC headquartered in Bangalore and his counterpart, an employee of a leading Global information technology company from trading in stock exchanges till further orders. An impounding of illegal proceeds of 2.62 crore rupees were generated through insider trading activities. This is just an example of insider trading.

Privilege abuse is the top misuse-related reason for data breaches according to the 2021 Data Breach Investigations Report by Verizon. To mitigate the risk of data leaks and other incidents, it’s crucial to enhance the protection of critical assets and keep a close eye on the activity of privileged users. Yet it can become a real ordeal for an IT security manager not only to secure access to their organization’s servers but also to track and manage all privileged sessions.

MSPs are playing an increasingly important role in organizations' cybersecurity. This is the key finding from our Pulse "Outsourcing Security" survey of more than 100 organizations worldwide: 88% of respondents are outsourcing their cybersecurity processes or tools, and the most common type of outsourcing agreements selected is through MSPs (55%).

This weekend I spent some time with Okta’s Identity Engine product, learning about various ways to integrate it with Splunk and other external systems. When I got to Okta’s Event Hooks feature, I exclaimed “Aw, HECk!” (actually I said something a little stronger) and banged my head against my old copy of "Log4J 4 Me and U - A Complete Guide" for a few hours trying to get Event Hooks sending data properly into Splunk’s HTTP Event Collector, or HEC.