Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re extremely excited to announce the availability of the EventSentry v5.1, which will detect threats and suspicious behavior more effectively – while also providing users with additional reports and dashboards for CMMC and TISAX compliance. The usability of EventSentry was also improved across the board, making it easier to use, manage and maintain EventSentry on a day-by-day basis. We also released 60+ training videos to help you get started and take EventSentry to the next level.

As cloud applications and services gain prominence amongst organizations, adversaries are evolving their toolset to target these cloud networks. The surge in remote work and teleconferencing presents unprecedented opportunities for nefarious activities. Enter the MITRE ATT&CK Framework, also known as a MITRE ATT&CK Matrix—a treasure trove for defending cloud infrastructure and on-premises infrastructure against the newest adversary tactics, techniques, and procedures (TTPs).

Cybersecurity is never boring. In recent months, we’ve seen major cyberattacks on Las Vegas casinos and expanded SEC cybersecurity disclosure rules are top of mind. Is it any wonder we consistently recommend taking a proactive approach to secure your environment with a defense-in-depth strategy and appropriate monitoring? News outlets reported the recent compromise at the Identity and Authentication (IAM) firm, Okta.

Board members often lack technical expertise and may not fully understand the risks associated with cybersecurity. On the other hand, CISOs are more familiar with IT staff and the technical aspects of cybersecurity. This is understandable, as the board is responsible for making high-level decisions and does not typically get involved in the details of implementation and technical audits.

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.

As large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts. If I was to tell you that cyber attacks typically focus on larger businesses, you’d likely agree. After all, it just makes sense that the smaller the business, the likelihood that a cybercriminal’s earnings would be smaller. But, according to U.K.

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing social engineering attacks, according to Eric Geller at the Messenger. “One of AI’s biggest advantages is that it can write complete and coherent English sentences,” Geller writes. “Most hackers aren’t native English speakers, so their messages often contain awkward phrasing, grammatical errors and strange punctuation.

An often-heard concern in cybersecurity is the amount of tools a single organization has to manage to protect its environment from malicious actors, both internal and external. The environments cybersecurity professionals need to secure have grown a lot more complex over the years, as we have adopted new architectural principles and hybrid and multi-cloud infrastructures in the race for a competitive edge.

In this Trust Issues episode, host David Puner welcomes back Andy Thompson, CyberArk Labs’ Offensive Security Research Evangelist for a discussion focused on two recent high-profile breaches: one targeting MGM Resorts International and the other involving Okta’s support unit.