Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

New Cyberark and GitGuardian Integration: Keeping Your Secrets Secure

Mar 5, 2024 By GitGuardian In GitGuardian
Explore the industry-first solution designed to empower security and development teams in securing secrets across multi-cloud, DevOps, and containerized environments. Discover innovative use cases, from detecting public GitHub leaks to enforcing secret management policies. Don't miss this opportunity to delve into the future of secrets security with our very own Mackenzie Jackson from GitGuardian and special guests Evan Litwak and David Hisel from CyberArk. Save your spot now for an engaging conversation redefining your approach to secret protection in software development.
View Video

Introducing GitGuardian Honeytoken Deployment Jobs

Mar 5, 2024 By GitGuardian In GitGuardian
With GitGuardian Honeytoken Deployment Jobs, you can quickly add honeytokens to any private repo with just a few clicks. In this new automated process, GitGuardian will check the type of code in the repo and, based on the context, generate a new file populated with a unique honeytoken. It will then create a new merge request ready for your team's review so you can add in a honeytoken with very little effort.
View Video

Quick Kubernetes SBOM Integration: Secure Your Cluster with SBOM Observer in a few seconds

Mar 5, 2024 By Bytesafe In Bytesafe
Discover the fastest way to enhance your Kubernetes security and compliance! With SBOM Observer's new Kubernetes integration, you can generate and upload SBOMs for your entire cluster in just a few seconds using our CLI. This approach offers a holistic SBOM-centric overview, enabling vulnerability detection and management across environments. Level up your cybersecurity strategy today and ensure your environments remain compliant.
View Video
CalCom

How to Prevent Brute Force Attacks

Mar 5, 2024 By By John Gates In CalCom
A brute-force attack is a trial-and-error method hackers use to guess login information, and encryption keys, or find hidden web pages. In a brute force attack, an attacker tries as many combinations as possible, systematically incrementing through all possibilities until the correct password is discovered. This can be done manually, but it is usually automated using specialized software tools designed for this purpose.
Read Post
mend

Mend.io Launches Mend AI

Mar 5, 2024 By AJ Starita In Mend
Securing AI is a top cybersecurity priority and concern for governments and businesses alike. Developers have easy access to pre-trained AI models through platforms like Hugging Face and to AI-generated functions and programs through large language models (LLMs) like GitHub Co-Pilot. This access has spurred developers to create innovative software at an enormously fast pace.
Read Post
CalCom

Windows NT Lan Manager Hardening Best Practices

Mar 3, 2024 By John Gates In CalCom
Windows New Technology LAN Manager (NTLM) is an outdated challenge-response authentication protocol developed by Microsoft. Despite being surpassed by Kerberos, NTLM remains in use as a form of Single Sign-On (SSO), allowing users to authenticate to applications without directly providing their passwords.
Read Post
CalCom

LAN Manager authentication level best practices

Mar 1, 2024 By By John Gates In CalCom
LAN Manager (LM) authentication level is a security setting that determines how Windows systems authenticate network connections. It is a legacy authentication protocol developed by Microsoft for use in older versions of Windows network operations. There are three main protocols involved in LAN Manager Authentication: The LAN Manager Authentication Level setting allows you to choose which protocols your system will use or accept for authentication.
Read Post
armo

The Kubernetes network policies you need today

Feb 29, 2024 By Ben Hirschberg In ARMO
In the dynamic world of Kubernetes, container orchestration is just the tip of the iceberg. In this sophisticated ecosystem, you must prioritize security efficiency. Kubernetes’ robust, open-source platform has been revolutionary in automating the deployment, scaling, and management of application containers. Yet, such capability comes with significant responsibility, particularly in network security. Here, the role of network policies becomes crucial.
Read Post
CalCom

Securing Your Network: RPC Endpoint Mapper Authentication and Hardening

Feb 29, 2024 By By John Gates In CalCom
This policy setting determines if RPC clients authenticate with the Endpoint Mapper Service when their call includes authentication data. The Endpoint Mapper Service on Windows NT4 (all service packs) is unable to process authentication data provided in this manner. Disabling this policy means RPC clients won’t authenticate with the Endpoint Mapper Service, but they can still communicate with it on Windows NT4 Server. The recommended state for this setting is: Enabled.
Read Post
mend

What is the difference between an SCA scan and a container scan?

Feb 29, 2024 By AJ Starita In Mend
Are Software composition analysis (SCA) scans and container scans the same thing? The short answer is yes… and no. A comprehensive container image scan applies SCA specifically to containers in combination with other analyses particular to containers, such as how they’re configured to deploy and the presence of secrets. Read on to learn the key differences.
Read Post
Subscribe to DevOps

Copyright © 2024 OpsMatters™. All rights reserved.