Create a Comprehensive Cybersecurity Automated Incident Response Plan Before You Need It
451 Research, a part of S&P Global Market Intelligence, released the report, Practical Requirements for Responding to Cyberthreats with MDR, where it addressed one of the biggest questions facing companies of all sizes: “What is a cybersecurity automated response plan, and do you need one?”
Log4j: The Evolution of Vulnerabilities to CVE-2021-45046
This blog post outlines the evolution of vulnerabilities to CVE-2021-45046 and what to expect in 2022.
How Alert Logic Responded to Log4j to Keep Customers Secure
This blog post outlines the actions taken by Alert Logic in response to Log4j to ensure our vulnerable and targeted customers remained secure.
Staying Ahead of Log4Shell through Threat Research and Hunting
Learn how the Alert Logic Threat Hunting and Research teams stayed ahead of Log4Shell.
Log4Shell: Its 3 Attack Phases and Why They’re Critical to Understand
In this blog, we’ll simplify the Log4Shell kill chain to help explain the critical elements of the attack and how to best detect successful exploitation if mitigation or patching are not yet possible.
Demystifying Ransomware Detection Coverage Along the Kill Chain
Ransomware creators are organized, global, and opportunistic. They operate much like enterprises with service desks and attack kits and take advantage of every opportunity, like the pandemic, to exploit weaknesses and vulnerabilities. There is no apparent end to their creativity — the latest attack types, in fact, hide within legitimate processes, making them very difficult to detect.
What is DevSecOps?
Applications drive business operations. Most organizations have developers who create and deploy software. For companies that develop software, securing their products and proving security is a way to build customer trust. However, threat actors increasingly target these applications because developers may not always be security professionals. For example, according to research, 56% of the largest incidents in the past five years can be traced to web application security issues. Organizations with development teams should understand what DevSecOps is and how to implement it.
Changing the Game: Hunting Ransomware with Threat Intelligence
In this blog, we’ll examine the typical progression of ransomware, how it has changed (and continues to change), and how advanced threat intelligence is necessary in order to be proactive in detecting and responding to such attacks.
What Is GDPR Compliance?
In this post, we take a close look at important sections of the GDPR and how they relate to your cybersecurity strategy.
Top 3 Considerations for an Effective Multi-Cloud Security Strategy
In this Q&A, learn the answers to questions around implementing a more effective multi-cloud security strategy.
Avoiding the Biggest Mistakes in Multi-Cloud Environments
While adopting a multi-cloud strategy can make your business more efficient and agile, it can also have considerable downsides if not implemented carefully. In working with our customers, we typically see organizations make the same handful of mistakes. Here are three of the biggest.
HITRUST vs. HIPAA
The two acronyms – HITRUST and HIPAA – sound similar and both address data protection, so it’s common for people to believe they’re essentially the same. However, HITRUST and HIPAA play separate but related roles in securing patient data.