Elastic Cloud Hosted deployments that have been encrypted with AWS KMS keys also support AWS KMS key security policies and features, such as key rotation and key revocation. Key rotation minimizes the risk of data leaks due to key compromise. Key revocation is an additional security measure, where access to encrypted data via a compromised key is terminated, either via … [Read more...] about Encryption at rest in Elastic Cloud: Bring your own key with AWS KMS
REST
Encryption at rest in Elastic Cloud: A strategic imperative for enterprise security
Have you been wondering if you can bring your own key (BYOK) to encrypt your data and snapshots in Elastic Cloud? If yes, you’ll enjoy this blog post series.As organizations increasingly rely on cloud software to streamline processes and enhance collaboration, data security becomes a non-negotiable requirement. Encryption at rest is a cornerstone of data security strategies, … [Read more...] about Encryption at rest in Elastic Cloud: A strategic imperative for enterprise security
Switching from the Java High Level Rest Client to the new Java API Client
I'm often seeing questions on discuss related to the Java API Client usage. For this, in 2019, I started a GitHub repository to provide some code examples that actually work and answer the questions asked by the community.Since then, the High Level Rest Client (HLRC) has been deprecated and the new Java API Client has been released.In order to keep answering questions, I needed … [Read more...] about Switching from the Java High Level Rest Client to the new Java API Client
Customize Where it Matters, Automate the Rest
Nov 10, 2023The Hacker NewsThreat Intelligence / SecOps There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don't pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of … [Read more...] about Customize Where it Matters, Automate the Rest
Can Data Protection Systems Prevent Data At Rest Leakage?
Protection against insider risks works when the process involves controlling the data transfer channels or examining data sources. One approach involves preventing USB flash drives from being copied or sending them over email. The second one concerns preventing leakage or fraud in which an insider accesses files or databases with harmful intentions. What's the best way to … [Read more...] about Can Data Protection Systems Prevent Data At Rest Leakage?
Stop playing whack-a-mole and put threats to rest with Cisco Stealthwatch Cloud
I was recently able to grab some time with a Cisco customer to hear about their experience with Cisco Stealthwatch Cloud, a SaaS-based Network Detection and Response (NDR) solution. Aspire Technology Partners, a Managed Security Service Provider, explained their use of the product for one of its customers that was in a dangerous situation involving some slippery malware … [Read more...] about Stop playing whack-a-mole and put threats to rest with Cisco Stealthwatch Cloud
Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability
This blog post was authored by Eugenio Iavarone, Cisco PSIRT. On August 28th, 2019, Cisco published a Security Advisory titled “Cisco REST API Container for Cisco IOS XE Software Authentication Bypass Vulnerability”, disclosing an internally found vulnerability which affects the Cisco REST API container for Cisco IOS XE. An exploit could be used to bypass authentication on … [Read more...] about Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability