Continuing Diagnostics and Mitigation (CDM) is a program of the Department of Homeland Security designed to enhance cybersecurity across the Federal government. By deploying a standardized stack of pre-approved security tools, CDM ensures that small and large agencies alike can protect their networks from common threats.
If you are reading this, I don’t have to convince you any further of the powerful intelligence we can derive from logs and machine data. If you are anything like the many, many users, customers and prospects we have been talking to over the years, you might, however, have some level of that pesky modern condition commonly known as volume anxiety.
AWS offers more than 150 discrete services, spanning compute, storage, database, network, and identity management to name a few. Earlier this year we published our Continuous Intelligence Report in which we surveyed Sumo Logic customers on how broadly they used the various AWS services. We found that the median number of different services most orgs use was 15.
Security is a top concern for any enterprise to move their applications and workloads to the public cloud. AWS offers a broad selection of native security tools and as our Continuous Intelligence Report noted, AWS customers are using several of these to improve the security of their AWS environment. However, it can be overwhelming to know where to start and how to deploy best practices for detecting security misconfigurations caused by human errors and attacks from external sources.
Today’s SOC teams are fatigued and under pressure from overwhelming alert volume. Many SOCs were built around legacy solutions designed with SIEM technology invented years, even decades ago. With the threat landscape evolving at an unprecedented rate, SOC teams are limited by these technology restrictions and unable to keep pace with the volume and sophistication of modern attacks.
Nowadays, it’s not uncommon to see enterprise IT leaders in a situation that seems like a catch 22. Oftentimes, they are expected to be involved in making data-driven decisions for augmenting productivity and profitability. Paradoxically, they are preoccupied with what they consider as their core responsibilities – applying best practices to safeguard the IT infrastructure and expediting investigations when incidents occur. As practitioners of IT, we must admit that it rings a bell and also chip in with our knowhow.
Never before in history has the concept of identity been so vital. To a large extent, everything we rely on to live our lives depends on who we are… or perhaps more accurately, who we can prove ourselves to be. Our data has come to be the standard by which we define ourselves. Because this identity-defining data is online, the protection of our data is of paramount importance.
Data centers, on-prem deployments, and physical boxes were—for the longest time— the unquestioned standard across Federal agencies. Today, the wave of public cloud deployments seems just as inevitable. Agencies that once adopted a wait-and-see approach are now jumping feet first into the world of public cloud. Entire agencies are realigning their IT teams to deliver capabilities in more nimble, flexible ways.