Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As digital transformation expands the threat landscape, compliance mandates adapt to meet new challenges. In 2020, the European Commission announced its decision to accelerate its revision of the Directive on Security of Network and Information Systems (NIS2). When carrying out its impact assessment, the Commission realized that it needed to update the NIS Directive in response to new risks.

It’s a warm, sunny day as you lie in the sand under a big umbrella. Suddenly, you feel the waves crashing against your feet, only to look down and see numbers, letters, usernames, and timestamps. You try to stand up, but you feel the tide of big data pulling you under… With a jolt, you wake up, realizing that you were having another nightmare about your security Data Lake and analytics.

Much has been written about how AI, particularly Large Language Models (LLMs), will transform cybersecurity. Some say it'll be for the worse, and some say it'll be for the better. Although SURGe firmly believes that AI will end up helping defenders much more than it helps threat actors, it's sometimes hard to envision the exact form in which this help will, or should, come.

Splunk Asset and Risk Intelligence empowers organizations to identify and address vulnerabilities in their security posture proactively. By leveraging key compliance framework controls and providing customizable dashboards and metrics, ARI offers clear visibility into assets missing critical security controls. This allows organizations to proactively close gaps in security controls, regardless of the regulatory frameworks they must comply with.

Your Domain Name System (DNS) infrastructure enables users to connect to web-based resources by translating everyday language into IP addresses. Imagine going into a restaurant, in the age before the internet, only to find that the staff speaks and the menu is written in a different language from yours. Without some shared communication form, you can’t order dinner, and they can’t give you what you want.

Many organizations today have strict data privacy regulations that they must comply with. These privacy regulations can often clash with the requirements of security, application and operations teams who need detailed log information. This how to guide walks you through redacting message fields for privacy purposes. At Graylog, many of the organizations who use our tool are logging sensitive data that may contain personally identifiable information, health related data or financial data.

Wherever you live, people can find you using either a street address or a set of latitude and longitude numbers. In the digital world, your website’s domain name or URL is the street address while the IP address is the latitude and longitude. For example, it would be cumbersome to tell people that you live at 35°05′17″N 109°48′23″W, but easy to say a number and street name. IP address data is useful for both protective and detective cybersecurity functions.

The Devo Platform has earned its reputation as a powerful and innovative force in Security Information and Event Management (SIEM). Customers rely on Devo to detect and respond to threats in real time, gain complete visibility into their security posture, and streamline their security operations. But the core strengths that make Devo a SIEM leader – unmatched scalability, real-time analytics, and flexible customization – also enable us to solve a variety of other data challenges.

A recent analysis by JPMorganChase criticized the CVSS scoring process, finding missing context leads to misleading prioritization. When it comes to cybersecurity, patching vulnerabilities often feels like the Holy Grail. Get those CVEs patched, and you’re safe, right? Well, not exactly. As we know, patching isn’t as straightforward—or as effective—as we’d like to believe.