All news with #telemetry tag

9 articles

Enhanced Network Visibility for Falcon macOS Sensor

🔍 The Falcon macOS sensor (v7.29+) delivers Enhanced Network Visibility, an opt-in capability that augments process telemetry with protocol and TLS-inspection attributes. It parses plaintext HTTP, extracts TLS Client Hello details including JA4 fingerprints, and identifies application protocols across ports while minimizing impact via Apple content filter APIs. New Next‑Gen SIEM events (HttpRequest, HttpResponse, TlsClientHello, AppProtocolDetected) expose the telemetry for detection and hunting workflows, and the feature can be enabled from Mac Prevention Policies in the Falcon UI.

Visibility Gaps Overburden SOC Analysts and Raise Turnover

🔍 A commissioned Forrester Consulting study for NETSCOUT (October 2025) reports that 61% of respondents say analysts spend more than ten hours a week in the analyze phase. The piece argues this is not a time-management issue but a clarity problem caused by partial context, dispersed data, and incomplete logs that force manual correlation. It highlights how stronger Network Analysis and Visibility (NAV) can shrink investigations and reduce burnout, and positions Omnis Cyber Intelligence as a platform delivering packet-level truth, correlated metadata, hybrid visibility, and simplified, three-click investigations.

Google Cloud Adds OTLP Metrics Support to Monitoring

📡 Cloud Observability now accepts OTLP for metrics in Cloud Monitoring, extending prior OTLP trace support. Using OpenTelemetry and the OTLP format, customers can send provider-agnostic metrics via the OpenTelemetry SDK and Collector directly to Cloud Monitoring, with storage and query parity with Managed Service for Prometheus. The rollout unlocks DELTA metrics, exponential histograms, dotted metric names and label keys, direct SDK exports for very high-volume sources, and zero-code auto-instrumentation options.

Schrodinger's Cat and the Enterprise Security Paradox

🔒 Many security leaders live with a practical paradox: the organization that appears secure on paper often coexists with a messier, attacker-facing reality. The author uses Schrödinger’s cat to show that without direct observation—alerts, correlated logs, or third-party findings—you cannot know whether you are safe or compromised. The piece reframes security as an observation problem, urging measurement of telemetry coverage, operationalized threat hunting, and cultural change that rewards surfacing ambiguity rather than hiding it.

Iran's Partial Internet Shutdown: Opportunity for Intel

🔍 The near-total internet blackout Iran imposed on January 8 may offer SOC teams a rare chance to observe and digitally fingerprint government-controlled traffic. Vendors argue that with residential and business noise silenced, remaining connections likely originate from state assets, making them high-confidence signals for threat modeling and short-term intelligence collection. Analysts caution, however, that sophisticated state actors can deceive attribution, legitimate government traffic may be benign, and routing artifacts often disappear once services are restored, so captured data should be treated as contextual input, not definitive proof.

Amazon Managed Prometheus Collector Adds MSK Support

📈 The Amazon Managed Service for Prometheus collector now supports discovery and scraping of Prometheus metrics from Amazon Managed Streaming for Apache Kafka (MSK) clusters without deploying agents. The agentless collector can target metrics exposed via the JMX exporter and the Node exporter, covering host-level, JVM-level, and broker-specific telemetry. This simplifies open monitoring for MSK, improves availability and scalability, and is available in all commercial regions where the service is offered.

CloudWatch Agent Adds Shared Memory Utilization Metrics

📈 Amazon Web Services announced that the Amazon CloudWatch Agent can now collect shared memory utilization metrics from Linux hosts running on Amazon EC2 or in on‑premises environments. This complements existing memory metrics (free, used, cached) and captures memory used by large enterprise databases and in‑memory applications. Administrators can enable the feature in the agent configuration file to obtain accurate total memory usage for sizing and optimization. The capability is available in all commercial and AWS GovCloud (US) Regions; CloudWatch custom metrics pricing applies.

CloudWatch Application Signals Now in AWS GovCloud

🔒 CloudWatch Application Signals is now available in AWS GovCloud (US-East) and AWS GovCloud (US-West), extending automated application observability to government and regulated workloads. The service automatically collects telemetry from Amazon EC2, Amazon ECS, Amazon EKS and AWS Lambda to provide real-time health, dependency visualization and anomaly detection. By eliminating manual instrumentation, it helps teams meet compliance and monitoring requirements while improving incident detection and resolution. For pricing and setup, consult the CloudWatch pricing page and Application Signals documentation.

Amazon GameLift Servers Adds Built-in Telemetry Metrics

📊 Amazon GameLift Servers now includes built-in telemetry metrics across all server SDKs and game engine plugins, powered by OpenTelemetry, to generate, collect, and export client-side metrics for game-specific insights. The feature can be configured to collect and publish telemetry from game servers running on managed Amazon EC2 and container fleets, supporting both pre-defined and custom metrics and exporting to Amazon Managed Service for Prometheus or Amazon CloudWatch. Visualizations are available via Amazon Managed Grafana and Amazon CloudWatch dashboards to help optimize resources, improve player experience, and surface operational issues. Telemetry is available in all supported regions except AWS China; see the GameLift Servers documentation for details.