Determining the ROI of XDR For many years, defining the return on investment (ROI) for a cybersecurity project, including the ROI of Extended Detection and Response (XDR), was challenging. It was not easy to describe the actual value of many of the protections that were implemented in an organization. Too often, the explanation about how a product could improve security was a … [Read more...] about IT Security Execs XDR Survey: ROI Proof Points
security
Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons
Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C … [Read more...] about Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons
Investigate Log4Shell exploits with Elastic Security and Observability
OverviewFollowing the discovery of Log4Shell, a vulnerability in Log4J2, Elastic released a blog post describing how users of our platform can leverage Elastic Security to help defend their networks. We also released an advisory detailing how Elastic products and users are impacted.In this blog, we expand on these initial posts and highlight how the combination of security and … [Read more...] about Investigate Log4Shell exploits with Elastic Security and Observability
A Quick Guide for SaaS Security Compliance
When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST). From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. NIST plays a key role as a US standard-setter, due to the organization's professionalism and … [Read more...] about A Quick Guide for SaaS Security Compliance
Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security
Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.5), … [Read more...] about Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security
Building a Scalable Security Architecture on AWS with Cisco Secure Firewall and AWS Transit Gateway
Comprehensive cloud support is essential when agile and efficient security at scale is required. With Cisco Secure Firewall Threat Defense 7.1, we have added support for the AWS Gateway Load Balancer (GWLB) to drive simple, agile, and efficient security in the cloud. This integration simplifies insertion of Cisco Secure Firewall in AWS with Geneve protocol (RFC 8926) … [Read more...] about Building a Scalable Security Architecture on AWS with Cisco Secure Firewall and AWS Transit Gateway
How to Overcome 5 Hybrid IT Security Challenges
Digital transformation has pushed organizations to adopt a hybrid IT approach and has created a mix of on-premises and cloud infrastructure that has to be supported and protected. Unfortunately, while hybrid IT holds significant promise for businesses when it comes to creating efficiencies and speeding the delivery of applications and services, it also introduces a new set of … [Read more...] about How to Overcome 5 Hybrid IT Security Challenges
Presenting the Security Outcomes Study, Volume 2
What if you could build a successful, world-class security program with just five practices? And what if shifting focus to these areas could put your security program ahead of 79% of other organizations? Our latest cybersecurity research study suggests that this is not only true but is also a tangible reality for organizations that choose to follow some practical steps. Over … [Read more...] about Presenting the Security Outcomes Study, Volume 2
2021 CrowdStrike Global Security Attitude Survey
Customers of mainstream software providers continue to face a crisis of trust, say IT and security chiefs, while cyberattacks are more costly and anxieties around these attacks continue to grow — especially attacks conducted through ransomware and the software supply chain, the 2021 CrowdStrike Global Security Attitude Survey reveals. The survey also shows that in tandem with … [Read more...] about 2021 CrowdStrike Global Security Attitude Survey
How to Build an Integrated Security Posture Using XDR
Digital attacks grew in both volume and sophistication in 2020. As reported by PR Newswire, the number of complaints received by the FBI’s Cyber Division numbered as many as 4,000 a day during the first half of 2020—400% more than it was in the first few months of that year. (Interpol warned of an “alarming rate of cyberattacks aimed at major corporations, governments, and … [Read more...] about How to Build an Integrated Security Posture Using XDR