The velocity of technology infrastructure change continues to accelerate, putting serious stress on Security Operations (SecOps). This has forced security folks to face the fact that operations has never really been their forte. That’s a bit harsh, but denial never helps address problems. The answer is not to give up or run away, but we do have to think differently. In this paper, we present an approach based on building security into the technology stacks which run our infrastructure, documenting operational in clear runbooks, and implementing those runbooks via orchestration and automation within infrastructure without manual intervention.
If you’ve worked in IT or development you’ve seen this before: User names and passwords sitting in a file. When your database starts up, or when you run an automation script, it grabs the credentials it needs to function. The problem with this is obvious; admins and attackers alike know this is common practice, and both know where to look for easy access to applications or services.
Data Loss Prevention is alive and well. Data protection remains in the forefront of organizations’ need to protect critical technology assets. But it hasn’t gotten easier to select a solution, mostly because various aspects of content analysis and filtering exist in many tools, using a variety of deployment models. And that whole cloud thing brings additional complexity to purchasing decisions. So what should you choose to address your needs? Our updated Understanding and Selecting DLP paper explains the technology and the options, and offers a process and map to help you make the best decision for your organization.