Data breaches come in all shapes, sizes, and levels of exposure. They can range from a couple of log files unintentionally left available to the public to the leak of hundreds of thousands of users’ personally identifiable information (PII). Don’t think that just because you have a secure network, a leak can’t happen to you.

When we talk about cloud providers, we often forget that not all data is the same — even in the same application, while we might think of this data as from a “financial application” or a “computation process”, the reality is that each data set has subsets upon subsets, and thus require specific applications to manage them.

If you maintain a regular practice of keeping log data, you probably have an established way of observing event logs in real time or you do it by using batch processing. There are two ways you can monitor event logs: manually and automatically. By monitoring event logs, you can gain deeper insight into system metrics, localize process bottlenecks, and detect security vulnerabilities. What are some other advantages of event log monitoring, and how can you get the most out of it?

Phishing happens. It is probably happening as you read this. Right now, some well-defended company is having data under its care exposed. This data may contain sensitive information, such as login credentials, and in many cases, it is only known that an attack of this type has taken place after the fact. Protecting yourself and your employer against phishing attacks relies foremost on critical thinking; however, there are some business processes and technologies that can help.

One of the key Kubernetes security concepts is that workload identity is tied back to information that the orchestrator has. The orchestrator is actually the authoritative entity for what the actual workloads are in the platform. Kubernetes uses labels to select objects and to identify collections of objects that satisfy certain conditions. We, and others in the Kubernetes networking space, often talk about using Kubernetes ‘labels’ as identity bearers.

DNS, the Domain Name Service, is the Internet service that translates IP addresses into hostnames, and visa versa. It enables you to type www.exoprise.com in a browser, or send an email to someone at that domain, and have your request actually go to 35.172.52.247. As a vital part of the Internet infrastructure, DNS attacks can have a serious impact on your online operations, including access to your website and email.

SIEM has been with us for almost two decades now and is seen as a proven approach to dealing with potential threats as well as actual attacks on business critical systems. But today, it is becoming clear that changes in IT infrastructure and deployment practices are giving rise to new challenges that cannot be met by existing SIEM platforms.

It’s a sad but common truth that not all network devices are built with security in mind. Some ship with default credentials like admin / admin, with SNMP set to public, or with operating systems that haven’t been updated in years. As with any other device, it’s important to practice good hygiene when managing network devices. Good hygiene means things like keeping firmware up to date, changing credentials away from the defaults, and refreshing end-of-life hardware and software.

You know the saying: "better safe than sorry." In information technology, that phrase usually refers to backups and disaster recovery — having redundant data and infrastructure in place to help mitigate risk when something inevitably goes wrong.

We’re happy to announce that ManageEngine has been positioned in Gartner’s Magic Quadrant for Security Information and Event Management[i] (SIEM) and its Critical Capabilities for Security Information and Event Management[ii] research report for the third consecutive year.