Moving lots of data to the cloud can take a long time and cost quite a bit, even over fast connections. Like its competitors — and especially AWS — Microsoft has long allowed its Azure users to import data to its cloud by shipping hard drives to its data centers. It’s now going a step further with the preview launch of the 100 TB Azure Data Box, its answer to AWS’s 50…
At its Ignite conference, Microsoft today put its stake in the ground and discussed its progress in building a quantum computer and giving developers tools to experiment with this new computing paradigm on their existing machines.
Today, we are pleased to announce the availability of the SentinelOne Tech Add-On and App for Splunk. Splunk is one of the most widely deployed tools used by our customers to monitor and analyze massive streams of data. The SentinelOne App provides pre-built dashboards, lets you search SentinelOne data, and even lets you take actions from the Splunk console. Here are some of the key use cases where you can leverage the SentinelOne Splunk App.
The SentinelOne App uses SentinelOne REST APIs to fetch information about threats, devices, policies, activities and other objects from the SentinelOne console and indexes them in Splunk. Default dashboards use saved searches to provide threat and operational summaries.
The SentinelOne app creates a SentinelOne index with distinct source types for all the objects it fetches from SentinelOne. This lets the admin perform queries to gain further insights into endpoint policies and threats.
index=sentinelone sourcetype=agent agent_version="22.214.171.12434"
index=sentinelone sourcetype=threat classifier_name=STATIC
index=sentinelone sourcetype=group subdomain=tango
Some large enterprises deploy multiple consoles, sometimes regionally, to comply with local data privacy laws. Others have hybrid deployments where air-gapped networks are managed by an on-prem console and other devices by a console in the SentinelOne cloud. The SentinelOne Splunk App can connect with multiple consoles to let admins get a roll-up view across these consoles. Searches can also be limited to specific consoles using the console field.
index=sentinelone console="alpha" sourcetype=agent agent_version="126.96.36.19934"
The SentinelOne app lets you take actions from within the Splunk interface, such as resolving threats, upgrading agents, and disconnecting infected devices from the network. This is especially useful in SOCs and other large enterprise setups.
After months of beta deployments and enhancements, we are now excited to make the app available on Splunkbase. Also take a look at the solution brief for more insights. From all of us at SentinelOne, enjoy and Happy Splunking!
WordPress is the most popular CMS on the planet. It has been the reigning king of websites for years, and all indications are that it will continue to be so. Unfortunately, there’s trouble brewing in the kingdom.
If you used WordPress to build your company’s site, then you undoubtedly know that you can extend and expand the CMS’s basic functionality via third-party plugins. These plugins can literally do anything you can imagine.
Want to sell products on your website? There are plugins that allow you to do that.
Want to set up a full-service online support center, or create a lively discussion forum and start building a community around your brand? You can do that, too, and a whole lot more.
There is, of course, a catch.
The more third-party plugins you use, the more likely it is that one of them contains malicious code. The WordPress.org development team keeps a watchful eye on all the plugins created in support of their CMS. In general, they do a good job of rooting out problematic plugins, but once in a while, something falls through the cracks.
Case in point: the “Display Widgets” plugin. Originally developed by Stephanie Wells, the plugin garnered a small but loyal following of some 200,000 users. Unfortunately, Ms. Wells lacked the time to properly support it, and sold the plugin to another company.
That’s when the trouble started.
With the very first update the new owners released (version 2.6.0), security researchers noticed malicious activity stemming from a new PHP file called “geolocation.php.” The code in this new file collected user data, including IP addresses and user-agent strings, and sent it to a third-party server.
When WordPress was notified, they promptly took the plugin down.
The developer made a few changes and resubmitted it, gaining approval, but the malicious code was found to still be present – simply more cleverly hidden.
The plugin was again taken down, but the new owners were undaunted.
In all, they played four rounds of this game with WordPress, before the WP moderators took direct control over the code and banished it for good.
Although the company has made a clean version of the plugin available to those who are using it, there’s no way to tell how many of its 200,000+ users have updated to the latest version. If your company is using the plugin “Display Widgets,” be sure you’re running version 2.7.0, released by the WordPress.org team, which is verified clean.
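The version check recommended above can be scripted across a server's plugin directories. This is an added example, not code from the article or from WordPress.org: the version numbers and the file name come from the article, while the status labels and the constructed sample directories are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

FIRST_BAD = (2, 6, 0)   # first release by the new owners, per the article
CLEAN = (2, 7, 0)       # WordPress.org release the article calls verified clean
SUSPECT = "geolocation.php"  # file name reported in the article

def plugin_version(plugin_dir):
    """Read 'Version: x.y.z' from the header comment of a top-level PHP file."""
    pat = re.compile(r"^[ \t/*#@]*Version:\s*(\d+(?:\.\d+)*)", re.I | re.M)
    for php in sorted(Path(plugin_dir).glob("*.php")):
        m = pat.search(php.read_text(errors="replace")[:8192])
        if m:
            parts = [int(p) for p in m.group(1).split(".")]
            return tuple(parts + [0] * (3 - len(parts)))
    return None

def audit(plugin_dir):
    """Return (status, version, suspect_files) for one plugin directory."""
    version = plugin_version(plugin_dir)
    hits = sorted(str(p.relative_to(plugin_dir))
                  for p in Path(plugin_dir).rglob("*.php")
                  if p.name.lower() == SUSPECT)
    if version is None:
        status = "unknown"            # no header found: inspect by hand
    elif FIRST_BAD <= version < CLEAN:
        status = "affected"           # a release from the new owners
    elif hits:
        status = "review"             # version looks fine, suspect file present
    elif version < FIRST_BAD:
        status = "outdated"           # predates 2.6.0 but is not 2.7.0
    else:
        status = "ok"
    return status, version, hits

def make_sample(root, name, version, with_suspect):
    """Build a constructed plugin directory for the demo (not real plugin code)."""
    d = Path(root) / name
    d.mkdir(parents=True)
    (d / "display-widgets.php").write_text(
        f"<?php\n/*\nPlugin Name: Display Widgets\nVersion: {version}\n*/\n")
    if with_suspect:
        (d / SUSPECT).write_text("<?php // constructed placeholder\n")
    return d

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, ver, sus in [("a", "2.6.0", True), ("b", "2.7.0", False)]:
            print(name, audit(make_sample(tmp, name, ver, sus)))
```

Point `audit()` at the plugin's folder under each site's plugin directory; anything other than "ok" means the copy should be replaced with 2.7.0 or inspected by hand.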
SAP, the German enterprise software giant, today announced an acquisition to strengthen its hybris e-commerce division. It has acquired Gigya, a firm that helps online properties manage customer identities and profiles. Terms of the deal have not been disclosed officially, but our sources tell us it is for $350 million. This was the same figure that was reported yesterday when the news leaked…
If you haven’t heard the term “Bashware,” you’re not alone, but in the weeks and months ahead, you can bet you’ll be hearing more about it.
Recently, Microsoft rolled out a new feature for Windows 10 users called WSL, the Windows Subsystem for Linux. It makes use of the popular “Bash” terminal and lets Windows users run apps native to the Linux world, which is very handy in some situations.
Unfortunately, there’s a problem. The security firm Check Point uncovered a hacking technique it dubbed “Bashware.” It allows a hacker to circumvent any and all Windows-based security measures you may have in place, because Windows 10 does not currently monitor the processes of Linux executables.
In terms of scope and scale, that means that all 400 million plus machines currently running Windows 10 are vulnerable, which probably means that every machine in your company’s network is vulnerable.
A spokesman for Check Point had this to say about their recent discovery:
“Bashware is so alarming because it shows how easy it is to take advantage of the WSL mechanism to allow any malware to bypass security products. We tested this technique on most of the leading anti-virus and security products on the market, successfully bypassing them all.”
Microsoft is not taking the news lying down. They have already taken steps to minimize the impact of this flaw, but therein lies the other problem.
A lot of the potential exploits of the WSL subsystem could be launched from third-party apps that reside outside Microsoft’s control. The tech giant is currently working with these companies to shore up security and minimize risk, but it remains to be seen how receptive third-party developers will be to securing the products they’re selling.
In any case, Microsoft seems reluctant to pull the plug on their new feature, which means there’s a new threat on the horizon.
Technophiles rejoice! SanDisk has just announced a new 400GB microSD card, which is good news for just about everyone.
Let’s face it, even if you’re not a technophile, you probably hate the idea of deleting photos or videos you’ve taken. But when storage space gets tight, you’ve probably found yourself in the position of having to make some hard choices about what to keep and what to toss.
The newly announced microSD card will go a long way toward rendering decisions like those a thing of the past as the tiny card can hold up to a staggering 40 hours of HD video. Even better, it boasts transfer speeds of up to 100MBps, which is more than a thousand photos per minute, and that’s big news for all the power selfie-takers out there.
Not only does the new card offer plenty of space, but it’s also fully compatible with the SanDisk Memory Zone app, which makes it a simple matter to find, organize, transfer and back up your data, and the card is shock, temperature, water, and even X-ray proof to boot!
Jeff Janukowicz, the SanDisk Research Vice President, had this to say during the announcement:
“Mobile devices have become the epicenter of our lives, and consumers are now accustomed to using their smartphones for anything from entertainment to business. We are collecting and sharing massive amounts of data on smartphones, drones, tablets, PCs, laptops, and more.”
Mr. Janukowicz is certainly correct on that front, and his company is clearly doing all they can to make it easier than ever to store and maintain our growing oceans of data. The new chips are on sale now, and the best part is that they’re priced at less than $250, making them accessible to a broad swath of the market.
Good news indeed, and kudos to SanDisk!
It seems AI and machine learning are quickly becoming a must-have for today’s software. Apttus, the quote-to-cash service, is putting AI to work in contract processing in an effort to speed up a highly inefficient system and close sales faster. Contracts have traditionally been a bottleneck in the sales process. As Apttus CEO and company founder Kirk Krappe explains it, there are a series…
Google is launching a new way for businesses to give new phones to their employees: zero-touch enrollment. Traditionally, when you want to give a new phone to an enterprise user, chances are some poor admin has to deal with ensuring that the device is configured correctly and that all the right policies are in place. As the name implies, the new zero-touch enrollment feature, however, takes…
Google Cloud Platform announced support for some powerful Nvidia GPUs on Google Compute Engine today. For starters, the company is making Nvidia K80 GPUs generally available. At the same time, it’s launching support for Nvidia P100 GPUs in Beta along with a new sustained pricing model. For companies working with machine learning workloads, having access to GPUs in the cloud provides…