Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Common Unix Printing System (CUPS), a standard component in nearly every Unix-like and Linux system, has recently come under scrutiny due to a series of critical vulnerabilities discovered by security researcher Simone Margaritelli. These issues, collectively known as the CUPS vulnerability, expose Linux and Unix environments to potential remote code execution and information disclosure risks.

According to CIS, just in the first half of 2024, malware-based threats rose by 30% from 2023. A similar 30% year-over-year increase was also found in cyber attacks in 2024 in a report by Check Point Research. With such alarming statistics, it is evident that the need for threat monitoring has become more critical than ever before. In this blog post, we'll explore what threat monitoring entails, why it's essential, and how you can implement best practices to safeguard your business.

There’s no way around it: vulnerability management is complex. As organizations become more reliant on software and applications, the sheer volume of known vulnerabilities has become more difficult to track, prioritize, and remediate. Adversaries have also become increasingly reliant on exploiting vulnerabilities in order to compromise organizations.

Splunk has implemented SCIM (System for Cross-domain Identity Management), a standardized protocol designed for efficient and secure management of user identities across various systems. With the release of this feature, Splunk customers can automatically deprovision users within Splunk when a user(s) are removed from the customer’s Okta Identity Provider (IdP) with following benefits for the customers.

Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.

Authorization is a very common term in computer security. But most people confuse it with authentication. Let me explain it with an example. Now, let's dig deeper into the topic and see why authorization has become a major security concept.

In a world where attackers are continually devising more sophisticated ways to breach enterprises, the value of automation has become critically important. To make matters worse, today's SOC is grappling with swivel chair movement across various security products, which sometimes includes a standalone automation product.

The SIEM market is in flux. Mergers, acquisitions, and vendors leaving the space are creating uncertainty for organizations that rely on SIEMs as the cornerstone of their security operations. If your organization is feeling the ripple effects of this consolidation, it’s time for a SIEM checkup. This means critically examining your current SIEM stack and vendor relationship to ensure they’re still serving your evolving security needs.