The tectonic shift happening within the public sector is seeing more and more federal organizations transitioning from legacy, on-premises systems to more scalable and secure cloud-based architectures. Sumo Logic’s cloud-first approach is a perfect fit for this, so we’re excited to announce Sumo Logic has been prioritized by FedRAMP to work with the Joint Authorization Board (JAB) to achieve a Provisional Authority to Operate (P-ATO).
My role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRAMP and the California Privacy Act (CCPA); now the majority of my time is focused on ensuring our employees’ safety and productivity, so they can continue to deliver products and support our customers and partners.
The first means to collect security-relevant information at Cloud SIEM Enterprise (CSE) was our Network Sensor. It was built to analyze network traffic and provide visibility beyond traditional SIEMs down to the network level. Beyond organizing packets into flows, the sensor supports more advanced features such as decoding of common protocols, file carving, SSL certificate validation, OS fingerprinting, clustered deployment and more.
Kubernetes is an extremely intelligent technology, but without the right direction it can respond in unwanted or unexpected ways. As is true with most “smart” technologies, it is only as smart as the operator. In order to set teams up for peak success with Kubernetes, it is vital they have a pulse on their Kubernetes clusters. Here are 5 ways that engineers can best identify any loose ends when setting up a Kubernetes cluster and ensure the healthiest workloads possible.
Many companies are moving their infrastructure and web applications to the cloud. Along with moving to the cloud, organizations are finding new ways to remain agile and nimble, especially when it comes to software. By utilizing Amazon AWS and Amazon ECS, companies are decoupling their monolithic applications and taking advantage of microservice architecture.
In today’s increasingly connected world, corporate security operations centers (SOCs) are more important than ever. SOC teams are on the front line of protecting the company operations and confidential data from the myriad of rapidly evolving cyber threats organizations face every day. SOC teams are tasked with more responsibility than ever before. As a result, they are drowning in systems that don’t provide enough information or context to empower analysts to make informed decisions. As a result, SOC teams are spending too much time on analysis and validation and not enough time on problem solving.
As businesses transform their traditional business models into new digital ones, and aggressively compete for turf within the digital economy, their constant pursuit of competitive edge drives technology, process, and architectural innovations. As a result, it seems that every 18 months a technology paradigm shift comes about that enables better agility, lower cost, improved quality of service, better intelligence and more.
The main theme for this year’s RSA event focused on the human element in addressing the behaviors and activities of users and analysts. This is something that was echoed in our Cloud SIEM Enterprise announcement the previous week and that we demonstrated in our booth with our truly modernized security analyst experience. Actually, when attendees spotted our Cloud SIEM Enterprise user interface they immediately requested to see a live demo and witness this new security analyst experience.
As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.