Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When it comes to cyber threats, few are as feared as Advanced Persistent Threats. An Advanced Persistent Threat (APT) is a sophisticated, highly targeted and often long-term cyberattack orchestrated by well-funded and highly skilled threat actors. In some cases, they’re even backed by governments: North Korea, Russia and China have all been caught orchestrating APT attacks in the past two years. APTs differ from traditional cyber threats, which are more persistent, targeted, and sophisticated.

The digital world is a lot like the Old West: lawless criminals are looking to take advantage of any bug, flaw or vulnerability to exploit. To combat the problems from these flaws, many organizations offer bounties to anyone who can find them before cybercriminals. Because bugs can be challenging to spot, bug bounty programs leverage ethical hackers' expertise to spot corporate software's flaws. Some of the largest corporations in the world, including Google, Microsoft, and the U.S.

The CISO role has evolved in recent years. CISO’s don’t come just from technical and security backgrounds anymore. Each organization has their own distinct vision for how to solve their security needs whether they are customer, regulatory, or industry driven. I started out my career as an external auditor, with the goal of becoming a CFO.

Typosquatting goes by many names: URL hijacking, domain mimicry and domain typo-squatting, to name a few. However, they all mean the same thing: malicious attackers register domain names similar to popular websites but with common typos and variations. Typosquatting aims to trick users who mistype the legitimate URL into visiting and using the fraudulent site. It is a widespread practice.

Authentication and authorization are two processes that play a significant role in any web application. These concepts ensure that only trusted individuals are granted access to the resources of the application. Plus, with all the web applications and services we use regularly, it is increasingly difficult to manage credentials for multiple user accounts. SAML technology provides a means for securely logging into multiple applications using a single set of credentials.

Welcome to our technical blog, where we’ll be diving into the world of Graylog and how you can secure your Graylog Server with Transport Layer Security (TLS). As an admin or a tech-savvy user, you know the importance of protecting your Graylog Server and the logs it manages from unauthorized access.

In life, you get a lot of different alerts. Your bank may send emails or texts about normal account activities, like privacy notices, product updates, or account statements. It also sends alerts when someone fraudulently makes a purchase with your credit card. You can ignore most of the normal messages, but you need to pay attention to the fraud alerts. Security is the same way.

Picture yourself as a cyber detective, ready to uncover the hidden threats lurking in the shadows of your organization's network. Sounds exciting, right? Well, hypothesis-driven hunting is all about channeling your inner Hercule Poirot to stay one step ahead of adversaries working against you. The PEAK threat hunting framework identifies three primary types of hunts: In this post, we’re going to look at hypothesis-driven hunting in detail.