What Cybersecurity Concerns do Business and IT Leaders Share?
Discover the most common cybersecurity concerns and questions business and IT leaders have for their organizations.
Accelerating HITRUST CSF Certification with AWS
AWS makes HIPAA compliance easier with a secure, agile infrastructure, tools, and services to help accelerate the HITRUST CSF certification process.
Alert Logic MDR with Intelligent Response: Tackling the Next Frontier in Cybersecurity
Many organizations are struggling with the same basic challenges: small security teams, too many alerts to handle, and too few candidates qualified to fill open cybersecurity positions. All of this is elevating the need for automated detection and response solutions, with increased emphasis on response, as industry analysts foresee it being the next battleground for customers in the Managed Detection and Response market.
Human Expertise is Key to Intelligent Incident Response
It has long been said that security requires a three-pronged approach — people, process, and technology. This is especially true where incident response is concerned, and managed detection and response (MDR) services can help provide all of these elements. This blog discusses how the MDR market came about and how it has evolved over time. In 2022, response capabilities will be the key differentiator.
What is ISO 27001?
ISO 27001 helps ensure organizations meet compliance requirements but doesn’t mandate specific tools or practices. Learn how the certification works and can help your organization.
Create a Comprehensive Cybersecurity Automated Incident Response Plan Before You Need It
451 Research, a part of S&P Global Market Intelligence, released the report, Practical Requirements for Responding to Cyberthreats with MDR, where it addressed one of the biggest questions facing companies of all sizes: “What is a cybersecurity automated response plan, and do you need one?”
Log4j: The Evolution of Vulnerabilities to CVE-2021-45046
This blog post outlines the evolution of vulnerabilities to CVE-2021-45046 and what to expect in 2022.
How Alert Logic Responded to Log4j to Keep Customers Secure
This blog post outlines the actions taken by Alert Logic in response to Log4j to ensure our vulnerable and targeted customers remained secure.
Staying Ahead of Log4Shell through Threat Research and Hunting
Learn how the Alert Logic Threat Hunting and Research teams stayed ahead of Log4Shell.
Log4Shell: Its 3 Attack Phases and Why They’re Critical to Understand
In this blog, we’ll simplify the Log4Shell kill chain to help explain the critical elements of the attack and how to best detect successful exploitation if mitigation or patching are not yet possible.
Demystifying Ransomware Detection Coverage Along the Kill Chain
Ransomware creators are organized, global, and opportunistic. They operate much like enterprises with service desks and attack kits and take advantage of every opportunity, like the pandemic, to exploit weaknesses and vulnerabilities. There is no apparent end to their creativity — the latest attack types, in fact, hide within legitimate processes, making them very difficult to detect.
What is DevSecOps?
Applications drive business operations. Most organizations have developers who create and deploy software. For companies that develop software, securing their products and proving security is a way to build customer trust. However, threat actors increasingly target these applications because developers may not always be security professionals. For example, according to research, 56% of the largest incidents in the past five years can be traced to web application security issues. Organizations with development teams should understand what DevSecOps is and how to implement it.