Don't let compliance & security haunt you: What to expect in an audit

It’s Cyber Security Awareness Month, and many IT professionals are being haunted by the thought of gearing up for a security and compliance audit. Preparing for an IT audit can take months of planning. It can be time-consuming, uncomfortable, and stressful. Guess what else takes a long time and can be uncomfortable and stressful? Creating a human!


Elasticsearch Audit Logs and Analysis

Security is a top-of-mind topic for software companies, especially those that have experienced security breaches. Companies must secure data to avoid nefarious attacks and meet standards such as HIPAA and GDPR. Audit logs record the actions of all agents against your Elasticsearch resources. Companies can use audit logs to track activity throughout their platform to ensure usage is valid and log when events are blocked.


How to Effectively Prepare for a HIPAA Compliance Audit

The Department of Health and Human Services’ Office for Civil Rights (OCR) conducts periodic audits to verify that covered entities (CEs) and their business associates (BAs) are complying with HIPAA regulations. This article will discuss the steps organizations can take to ensure they pass a HIPAA compliance audit by having the proper data privacy and security measures in place for protected health information (PHI) and electronically protected health information (ePHI).

ignyte Team

CMMC Audit: What is it and how to prepare for it

Business owners whose revenue streams depend significantly or partially on government contracts have been recently faced with the mandatory emerging regulations called Cybersecurity Maturity Model Certification, also known as CMMC. All organizations working with the Department of Defense (DoD) and Federal government as their prime or subcontractors must be audited against these requirements by a competent third-party CMMC auditor.


Increase compliance with Kafka audits

Suppose that you work for a government tax agency. You recently noticed that some tax fraud incident records have been leaked on the darknet. This information is held in a Kafka Topic. The incident response team wants to know who has accessed this data over the last six months. You panic. It is a common requirement for business applications to maintain some form of audit log, i.e. a persistent trail of all the changes to the application’s data to respond to this kind of situation.


Assessing security risks with Kafka audits

Suppose that you work for the infosec department of a government agency in charge of tax collection. You recently noticed that some tax fraud incident records went missing from a certain Apache Kafka topic. You panic. It is a common requirement for business applications to maintain some form of audit log, i.e. a persistent trail of all the changes to the application’s data. But for Kafka in particular, this can prove challenging.


Can They Really See That Data? Auditing Access Controls Across Environments

"Who has access to sensitive financial data in our organization?" Assuming you have a definition of what "sensitive financial data" means for your organization, can you easily answer this question? If you needed to perform an audit to verify only the appropriate people have access, what actions would you take?


Detect suspicious activity in GCP using audit logs

GCP audit logs are a powerful tool that track everything happening in your cloud infrastructure. By analyzing them, you can detect and react to threats. Modern cloud applications are not just virtual machines, containers, binaries, and data. When you migrated to the cloud, you accelerated the development of your apps and increased operational efficiency. But you also started using new assets in the cloud that need securing.


Learn how to comply now before your next audit

Are you struggling to keep up with manual compliance across your infrastructure? In this 25-minute episode of the Pulling the Strings podcast, powered by Puppet, learn how Puppet Comply makes automating your configuration compliance easy -- with full view dashboards and the ability to assess, remediate and enforce all through the Puppet Enterprise solution. Listen in and discover:


Collect and monitor Microsoft 365 audit logs with Datadog

Microsoft 365 is a suite of cloud-based productivity and communication services that includes Microsoft Office applications (including OneNote and OneDrive) as well as other popular Microsoft tools like Skype and Teams. Microsoft 365 tools and services are at the core of many organizations’ data management and day-to-day workflows, so monitoring activity across your environment is key to making sure that these services remain secure and meet compliance standards.