CrowdStrike formally identified a new set of espionage-minded hacking activity that is squarely directed at global telecommunications companies, relies on advanced operational security techniques and can access sensitive mobile data without planting malware or infecting devices.
Application security has become a complex, distributed problem. During the days of waterfall development and monolithic applications, application security was pretty straight forward – statically scan your source code, dynamically test your business logic, and deploy a web application firewall to protect layer 7 traffic. But with agile development, DevOps processes, and containerized applications, application […]
Last fall we discussed what security data do I really need to collect and analyze. We know we don’t need it all, but this was only the sensor part of the discussion. Now that we have that data identified and those sensors in place, what brain do I need to collect and analyze it? There […]
The news is flooded with updates regarding the COVID-19 vaccine. Cyberattacks are targeting the vaccine supply chain. Phishing attacks are exploiting sign-ups for the vaccine. There are even attacks to get access to vaccine data. Sounds a lot like our enterprises every day! We’re all learning about human immunology from the headlines, but what are […]
Cloud-Native and Serverless are the next evolution of application architecture. But protecting these applications is not easy. Where do I install my agent? How do I monitor network traffic? What APIs are exposed? The adoption of containers started this challenge a few years ago by abstracting the application from the operating system. In order to […]
We’ve been told for years that we don’t have enough data for security. Then we see the headlines and quotes… “Organizations must prepare for collecting, processing, analyzing, and acting upon terabytes of security data.” “All decisions about cybersecurity strategies, program priorities, investments, etc. should be made based upon analysis of real-time and historical data.” New […]