Demystifying XDR: Where SIEM and XDR Collide

Innovations solve longstanding problems in creative, impactful ways — but they also raise new questions, especially when they’re in the liminal space between being an emerging idea and a fully fledged, widely adopted reality. One of the still-unanswered questions about extended detection and response (XDR) is what its relationship is with security information and event management (SIEM), a more broadly …

The Big Target on Cyber Insurers’ Backs

Here at IntSights, a Rapid7 company, our goal is to equip organizations around the world with an understanding of the threats facing them in today’s cyber threat landscape. Most recently, we took a focused look at the insurance industry — a highly targeted vertical due to the amount of personally identifiable information (PII) these organizations hold. We’ve collected our findings …

Prioritizing Cybersecurity Risk for Enterprise Risk Management

Abstract: This document is the second in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional detail regarding the enterprise application of cybersecurity risk information; the previous document, NISTIR 8286A, provided detail regarding stakeholder risk guidance and risk identification and analysis. This second publication describes the need for determining the …

eBook: The CrowdStrike Security Cloud

Transforming Security for Today’s Modern Cloud Business
Upheaval is arguably one of the best words there is to describe the effects of recent events on enterprises in 2020. As quarantine restrictions forced workers remote, it accelerated the growth of both telecommuting and cloud service adoption. The result was a new proving point for the power of cloud computing and the …

The Maturation of Cloud-native Security: Securing Modern Apps and Infrastructure

How an Integrated Defense-in-depth Platform Fills Gaps in Inconsistencies, Misconfigurations and Visibility
More than ever, organizations are grappling with how to secure cloud-native applications. Composed of a combination of containers, virtual machines, APIs and serverless functions, protecting these applications from development to runtime requires reworking the approach many organizations take toward security. In a new survey from CrowdStrike and Enterprise …

First Code of Conduct for Data Protection in Cloud Infrastructure goes live

First services declared by multiple cloud infrastructure providers + Clear steps to GDPR compliance verified by independent Monitoring Bodies + Goes beyond GDPR requirements, by offering customers choice to store and process data in the European Economic Area + Code to form basis of GAIA-X Verifiable Credentials Today, CISPE, the voice of Cloud Infrastructure Service Providers in Europe, announced that …

Securing Distributed Energy Resources

Cybersecurity guidance to help energy companies protect IIoT data integrity and communications
Distribution grid operators must protect the digital communication, data, and control of cyber-physical grid-edge devices. The NCCoE collaborated with stakeholders in the electricity sector, the University of Maryland, and cybersecurity technology vendors to build a laboratory environment that represents a distribution utility interconnected with a campus distributed energy …

WatchGuard’s Threat Lab Analyzes the Latest Malware and Internet Attacks

Internet Security Report – Q3 2021
WatchGuard’s Threat Lab (previously the LiveSecurity Threat Team) is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a …

DDoS-Sniper: sophisticated attacker analyzed

99% of DDoS-DFIR (primarily the forensic part) consists of botnet-analysis and dealing with the "usual suspects" like booter-services and smaller botnets. But every once in a while we come across an interesting attack like this with attackers who either play tricks with the Os-people or are able to attack efficiently, as in this case, which we want to report on here, where …

Promoting Data Protection by Design: Exploring Techniques

On the occasion of Data Protection Day, the European Union Agency for Cybersecurity (ENISA) explores how to engineer data protection principles. The European Union Agency for Cybersecurity (ENISA) joins the celebrated Data Protection Day by publishing a new report on data protection engineering. January 28th marks the anniversary of the Council of Europe’s Convention 108 on the protection of personal …

Gartner Predicts Hyperscalers’ Carbon Emissions Will Drive Cloud Purchase Decisions by 2025

Sustainability Investments to Increase as ESG Reporting Receives Growing Levels of Enterprise Attention
By 2025, the carbon emissions of hyperscale cloud services will be a top three criterion in cloud purchase decisions, according to Gartner, Inc. As environmental, social and governance (ESG) priorities and reporting received growing levels of enterprise attention, more than 90% of organisations increased their investments in …

Buyers Guide: CrowdStrike 2021 Cloud Workload Protection Platform (CWPP)

Finding the right CWPP to secure your cloud apps, infrastructure and data
Cloud adoption remains a key driver for digital transformation and growth for today’s businesses, helping them deliver applications and services to customers with the speed and scalability that only the cloud can provide. Enabling them to do so safely is a critical objective for any enterprise IT security …

CrowdStrike-Whitepaper: Five steps your organization can take to improve security in a multi-cloud environment

Embracing the cloud is critical to realizing digital transformation initiatives and long-term growth plans. But while the cloud may grant organizations newfound agility, it can also introduce new vulnerabilities for organizations that lack the internal knowledge and skills to effectively understand security needs in the cloud. Put simply, traditional security models are unsuitable for the cloud. Enterprises must adapt their …

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats. The CISA Insights strongly urges leaders and network defenders to be on alert for malicious cyber activity and provides a checklist of …

Beware of Digital ID attacks: your Face can be Spoofed

Digital identification is the focus of two new reports by the European Union Agency for Cybersecurity (ENISA): an analysis of self-sovereign identity (SSI) and a study of major face presentation attacks. Trust in the identity of a natural or legal person has become the cornerstone of our online activities. It is therefore essential that digital identity is kept highly secure …

IBM Acquires Envizi to Help Organizations Accelerate Sustainability Initiatives and Achieve Environmental Goals

IBM today announced it has acquired Envizi, a leading data and analytics software provider for environmental performance management. This acquisition builds on IBM’s growing investments in AI-powered software, including IBM Maximo asset management solutions, IBM Sterling supply chain solutions and IBM Environmental Intelligence Suite, to help organizations create more resilient and sustainable operations and supply chains. This acquisition closed on …

2021 Managed Services Report

New research finds low confidence in Managed Services security solutions. How is it that a majority of survey respondents (68%) use MSSP/MDR solutions to fill security gaps, yet nearly half (47%) are not confident in the technology or the people? As you enter 2022, there’s important data that you should know; read the report.

How CrowdStrike Protects Customers from Threats Delivered via Log4Shell

Log4Shell, the latest critical vulnerability, found in the Log4j2 Apache Logging Services library, poses a serious threat to organizations + Active attempts to exploit the vulnerability were identified in the wild, currently making it the most severe threat + CrowdStrike utilizes indicators of attack (IOAs) and machine learning to protect our customers + CrowdStrike continues to track and monitor the …