
The Cost of Doing SIEM & Security Analytics on Your Own

Security information and event management, or SIEM, has become part of the vocabulary of every organization. SIEM solutions gather events from multiple systems and analyze them—both in real time and through historical data. SIEM costs—as cyber security costs in general—can be high, but there is a tradeoff if you opt for the FOSS route (free and open source solutions).

Schedule Rotations

Today, we are excited to announce PagerTree now officially supports schedule rotations! A long-awaited feature requested by many customers, schedule rotations make it easier than ever to schedule a list (or “rotation”) of people for full coverage support. Schedule rotations are available on our Pro and Elite pricing plans and are technically a subset of our “recurring schedules” feature.

2020 Trends in Software Development

Coding Sans has published the State of Software Development Report since 2018 in an effort to uncover the rapidly evolving trends of this particularly agile industry. Each year, the report highlights challenges, best practices, and the tools that are driving the software development industry, and how things have changed year over year.

How Fortinet and Tigera Protect Kubernetes in the Enterprise

Container use continues to grow, and Kubernetes is the most widely adopted container orchestration system, managing nearly half of all container deployments. Successful integration of container services within the enterprise depends heavily on access to external resources such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. All this egress activity must be controlled for security and compliance reasons.

StackState's Health Forecasting

Forecasting health is vital in today's society. Who has the highest risk of getting a virus? Are you able to predict when this will happen? Knowing answers to these questions could save many lives. Forecasting the health of IT infrastructures is equally essential. Think of identifying databases that are about to stop serving requests in a timely manner, hard drives that are about to run out of space, or service-level agreements (SLAs) that are about to cross the set thresholds.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.

How to Avoid Alert Overload From EDR Solutions

In today’s chaotic digital sphere, networks are distributed across an increasingly wide range of hackable endpoints. From smartphones and tablets to Internet of Things (IoT) devices—everything gets connected to the network. EDR technologies and practices were created for the purpose of providing active endpoint protection and defense. However, if your systems and admins are overloaded with alerts, an EDR strategy might become obsolete.

What is the ideal retention period for application logs?

That is a common question I see among developers. Most of the time, nobody cares about system logs. But when things go south, we absolutely need them. Like water in the desert, sometimes! At Dashbird, we have a list of criteria compiled to determine a reasonable retention policy for application logs. There is no one-size-fits-all, though. The analytical dimensions below will give a relative notion of how long the retention period should be.

When Dedicated DevOps is Not Available

With the rise of cloud computing and modern distributed systems, we also witnessed the rise of a new practice area: DevOps. Despite being fundamental for smooth cloud operations, a dedicated DevOps practitioner is a luxury most teams can’t afford. Salaries average $130K in San Francisco, for example. When a dedicated DevOps practitioner is not available in our team, what should we do? The answer could unfold a multitude of aspects.

An Introduction to Web Proxies

Web proxies intercept traffic from your systems as it moves to other systems, analyze the packets, then send the data along. There are a lot of reasons why you might want to intercept packets. Originally the main use case for a proxy was as a caching server. In this use case, the first time a person in your network goes to a website, the static content (particularly graphic images) gets downloaded and cached. Then, because the content is local, the next person to hit that site will get a fast response.