Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Monitor Auth0 with Datadog

Auth0 provides identity as a service (IDaaS), allowing you to secure your apps and APIs without having to write your own authorization code. Auth0 can work with social identity providers (IdP) like Google and Facebook so your users can access your app by using their existing accounts for authentication. You can also use an existing enterprise identity provider (e.g., LDAP) to allow your users to leverage single sign-on (SSO) across multiple apps.

Next generation firewall (NGFW) explained: What is a NGFW?

Traditional firewalls have been around for decades. But NGFWs, uninhibited by the same technology limits, take advantage of significant advancements in storage space, memory, and processing speeds. The feature set for NGFWs build upon traditional firewall features by including critical security functions like intrusion prevention, VPN, and anti-virus, and even encrypted web traffic inspection to help prevent packets containing malicious content from entering the network.

API Authorization at the Gateway with Apigee, Okta, and OPA (Part 2)

This is the second post in a two-part series about enforcing API authorization policies using Apigee, Okta and OPA. While the first post explained how to set up all three to work together, this post dives into detail on the policies that go along with the working code. The application we will be discussing is based on a hypothetical medical insurance provider Acme Health Care.

Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

The global pandemic caused an abrupt shift to remote work among enterprise knowledge workers, which in turn resulted in an increase in risky behavior. Attackers immediately tried to capitalize on the pandemic, with COVID-19-themed phishing emails, scams, and Trojans. At the same time, techniques used in more sophisticated cyberattacks continued to evolve.

Fix now: High risk vulnerabilities at large, September 29th

Since the global pandemic we’ve been writing about the latest CVEs to look out for in our risk based vulnerability management blog. As we head into the Autumn and the nights begin to draw in, threat actors continue to exploit vulnerabilities and cause disruption. Let’s take a look at some that have raised their profile in the last couple of weeks

Kubernetes Q3-2020: Threats, Exploits and TTPs

Kubernetes has become the world’s most popular container orchestration system and is taking the enterprise ecosystem by storm. At this disruptive moment it’s useful to look back and review the security threats that have evolved in this dynamic landscape. Identifying these threats and exploits and being a proactive learner may save you a lot of time and effort…as well as help you retain your reputation in the long run.

What makes ARMO customers immune - by design - against vulnerabilities like the recently discovered CVE-2020-14386?

CVE-2020-14386 is yet another severe vulnerability that was recently discovered in the Linux kernel. It reminds us that the fight against vulnerabilities is not over. This particular one allows a regular application to escalate its privileges and gain root access to the machine. Indeed, it sounds scary.

Find the Correct MSSP or Build an Efficient SOC? (Part 2)

Many organizations don’t rely on outsourced security solutions such as MSSP. Rather, they prefer building their own SOC to combat nefarious cybersecurity threats and attacks. However, it is vital to know how an effective SOC is built and what should be its essential security ingredients.

Redscan Labs releases Zerologon detection tool

Zerologon (CVE-2020-1472) is a critical vulnerability in the Windows Server Netlogon process authentication process. Following our recent Security Advisory, immediate patching of the vulnerability is strongly advised. To help determine whether your organisation has been compromised as a result of an attacker exploiting the vulnerability (even prior to a patch being installed), Redscan Labs has developed a Zerologon detection tool.

Can SAST tools improve developer productivity?

Organizations are increasingly agile today, producing and deploying software applications faster than ever before. But this requires all the elements in the software development life cycle (SDLC) to work together cohesively. Security practices in the SDLC become especially important, given that more than half of security flaws result from preventable coding mistakes. Ensuring that developers are on board with security practices is even more critical to improve the process efficiency.