event logging
Log4j Forced a Cybersecurity Wake-Up Call
It’s been nearly four months since Alibaba Cloud’s security team first reported a remote code execution (RCE) vulnerability within Apache Log4j (also known as Log4Shell). Due to the popularity and widespread use ...
A Deeper Dive Into the Value of Centralized Logging
In my previous blog post, I talked about the value of centralized logging, a high-level, non-complex overview of how centralizing your logs can help you determine if your security controls and defensive ...
Log4Shell – The API Security Challenge
Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can create substantial security challenges. As a security researcher who has spent years looking at ...
How to Determine if Your Network Security is Working
In my previous blog post, I talked about the MITRE ATT&CK framework and how it can help you determine possible threats and threat actors’ techniques so that you can better focus your limited ...