Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

While we are a long way from implementing Skynet, using machine learning combined with automation to make real-time decisions is here. In a recent talk at Sumo Logic Illuminate, Dave Frampton, General Manager of Cloud SIEM and Security Analytics, discusses the future of security with Vijaya Kaza, Head of Engineering and Data Science for Trust & Safety and Chief Security Officer at Airbnb. Kaza describes how automation, machine learning and AI can strengthen a company's overall security posture.

In Elastic Security 7.16, multiple new out-of-the-box data integrations for Elastic Agent streamline data ingestion and normalization, powering security operations. The release also introduces full production support for several existing data integrations. Version 7.16 introduces an expanded set of malicious behavior protections, addressing methods related to initial access, privilege escalation, and defense evasion.

This is the second in a two-part series discussing a still-unpatched userland Windows privilege escalation. The exploit enables attackers to perform highly privileged actions that typically require a kernel driver. Part 1 of this blog series showed how to block these attacks via ACL hardening. If you haven’t already, please read the first part of this series, because it lays an important foundation for this article. Interested readers can also check out the excellent Unknown Known DLLs...

We’re excited to announce updates to Sumo Logic AWS Quick Start Integrations that enable customers to automate the integration of AWS Security Reference Architecture within Sumo Logic Cloud SIEM powered by AWS. The new integrations automate the collection, ingestion, and analysis of applications, infrastructure, security, and IoT data to derive actionable insights for security engineering teams.

Over the past 12 months, the cyberthreat landscape has become much more tumultuous. A data breach analysis from the Identity Theft Resource Center (ITRC) found that the number of data breaches publicly reported so far this year has surpassed the total for 2020. That’s alarming. To combat this constant barrage of cyberattacks, you must equip your security team with the tools they need to match the pace of today’s data growth and cybercriminals’ relentlessness.