Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

During the COVID-19 pandemic, more employees have been working from home than ever before. This situation has significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside of the office – something criminals are taking advantage of by targeting unsecured endpoints with increasing regularity.

Cyber crimes involving Insider Threats are on the rise. Every company needs to know how to investigate these serious offenses and keep their business safe. Here’s what you need to know about conducting a cyber crime investigation into Insider Threats.

When we discuss Splunk Phantom with customers here at Splunk, we end up talking about phishing pretty frequently. As discussed in a recent blog post, "Phishing Emails — Don’t Get Reeled In!," phishing is a super common issue that almost everyone deals with ad nauseum. It’s also a nuisance to investigate. The good news is that automation excels at dealing with repetitive, mind-numbing workflows like phishing investigations.

The terms DevSecOps and SecDevOps are often -- but not always -- used interchangeably. So is there any real difference between the two terms or is it all just semantics? Let’s look at how the role of security has changed as the software development life cycle (SDLC) has evolved to explore whether there’s really any difference between these two words.

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law as part of the American Recovery and Reinvestment Act (ARRA) in 2009. The HITECH Act encourages the meaningful use of electronic health records (EHRs) by healthcare providers and their business associates.

For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’ names, email addresses, dates of birth, address and activity history.

A friend that can’t keep a secret isn’t one you’ll rely on. The same is true for your mission critical CI/CD tool that you have to entrust with credentials for each integrated component. Keeping your secrets safe can be a challenge for CI/CD tools, since they need to connect to such a variety of other services. Each one needs its own password or token that must be kept hidden from prying eyes.

Recently we came across an interesting case that demonstrates just how important it is to monitor the behaviour of your network as even simple software components can be deceptive in nature. Our analysts were alerted to suspicious network activity originating from Microsoft Edge running on a Windows 10 machine. The browser in this instance was making a large number of web requests even though the machine was locked and not in use. There was one notable long running connection.

We’ve had an exciting past six months at Styra, from a Series A funding announcement to tremendous growth in the Open Policy Agent (OPA) community to new enhancements to our commercial product, Styra’s Declarative Authorization Service (DAS). All of this great momentum maps to our overarching vision of unifying authorization and policy for the cloud-native environment.