Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2024

mend

Breaking: What is Going on with the NVD? Does it Affect Me?

Mar 14, 2024 By AJ Starita In Mend
Headed by NIST, an American government institution, the National Vulnerability Database (NVD) contains vulnerability data that’s been key to protecting organizations both within and without the US borders for more than 20 years. Many security policies from both commercial and government organizations require that vendors take care of vulnerabilities of a particular severity as given by the NVD within a certain number of days.
Read Post
panoptica

Are your APIs secure? Try our new free tool: API Specification Evaluator

Mar 14, 2024 By Rami H. In Panoptica
Test API specification With the growing footprint of APIs, there is a strong need for secure-by-design APIs. A design blueprint of an API would be a helpful start in determining the security standard of an API. Fortunately, APIs have that blueprint known as an OpenAPI Specification. API Specifications play a crucial role in ensuring the security and functionality of APIs.
Read Post
CalCom

Access This Computer From the Network - Best Practices for DC and Member Servers

Mar 14, 2024 By John Gates In CalCom
This policy enables users on the network to establish connections with the computer, and it’s necessary for several network protocols such as Server Message Block (SMB), NetBIOS, Common Internet File System (CIFS), and Component Object Model Plus (COM+).
Read Post
Trustwave

Trustwave Named a Representative Vendor in 2024 Gartner Market Guide for Co-Managed Security Monitoring Services

Mar 14, 2024 By Trustwave In Trustwave
Trustwave has been named a Representative Vendor in Gartner just released the 2024 Market Guide for Co-Managed Security Monitoring Services. Gartner estimates that there are more than 500 vendors who offer co-managed security monitoring services. Trustwave was listed as a Representative Vendor that does not imply an exhaustive list.
Read Post
keeper

Can MFA Be Bypassed by Cybercriminals?

Mar 14, 2024 By Tim Tran In Keeper
Enabling Multi-Factor Authentication (MFA) is a cybersecurity best practice that helps protect online accounts from unauthorized access; however, not all forms of MFA are created equally in terms of security. There are ways that cybercriminals can bypass MFA. Some MFA methods are more vulnerable to cyber attacks and are often exploited by cybercriminals. There are methods of MFA that do a better job of protecting your online accounts; you just have to choose the correct option.
Read Post
Feroot

Ensuring PCI DSS 4.0 Compliance with Feroot: A Deep Dive into Requirement 6.4.3

Mar 14, 2024 By Feroot In Feroot
The Payment Card Industry Data Security Standard (PCI DSS) 4.0, issued a comprehensive set of requirements, to safeguard online payment systems against breaches and theft of cardholder data. Requirement 6.4.3 is one of the critical components for businesses that take online payment and focuses on the management and integrity of scripts on webpages that take payment card (i.e.m credit card) payments.
Read Post
Torq

Beyond the Hype: How Torq's AI-Driven Innovations Are Transforming Security Automation

Mar 14, 2024 By Leonid Belkind In Torq
It has been over a year and a half since the latest generative AI revolution descended upon the world. All IT markets have seen a wave of both new AI products, as well as AI-driven capabilities in existing products being introduced with a breakneck pace.
Read Post
tigera

Using webhooks to boost cloud-native application security

Mar 14, 2024 By Davide Sellitri In Tigera
In the ever-evolving landscape of cloud-native applications built with containers and Kubernetes, webhooks serve as the communication backbone, facilitating seamless integration between various components, especially in the realms of security, networking, and troubleshooting. This is further amplified when combined with popular collaboration tools such as Jira and Slack.
Read Post
Forward Networks

How a Fortune 500 Financial Services Company Solved its MTU Issues with a Network Digital Twin

Mar 14, 2024 By Dawn Slusher In Forward Networks
In the world of networking, misconfigurations and inconsistencies can lead to significant issues for businesses, especially those in highly regulated industries such as financial services. One Fortune 500 financial services company experienced a nightmare scenario with their MTU (Maximum Transmission Unit) settings, resulting in application and performance problems. Fortunately, the company found a solution in Forward Networks' digital twin.
Read Post
11:11 systems

Which Cloud Provider Is Secure By Default?

Mar 14, 2024 By Brandon Leiker In 11:11 Systems
Much like our own blood, data is the lifeblood that flows through the arteries of business today. Organizations must ensure that data is protected appropriately based on that data’s sensitivity, criticality, and regulatory or contractual requirements. These protections are provided through administrative, technical, and physical controls. The primary goal of these controls is to provide preventative, detective, or corrective capabilities.
Read Post

No Laughing Matter: Detecting LOLs with LimaCharlie

Mar 14, 2024 By LimaCharlie In LimaCharlie
Living Off the Land (LOL) is a favorite adversarial past time. LOL’s present unique challenges as they blend easily with system “noise”, requiring careful detections that don’t drown your analysts in false positives. However, within unique challenges we can also find unique opportunities. Join us for this webinar to learn how to utilize LimaCharlie’s detection and response capabilities to identify malicious LOL activity across multiple platforms, and gain an edge against adversarial activity.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.