By its general purpose nature, Open Policy Agent (OPA) allows for a unified way of dealing with policy across a wide range of use cases. One particularly interesting use case for OPA, and one which will be the focus of this series of blogs, is that of application authorization (or entitlements, or simply, authorization).

We’re excited to announce that Snyk and TopCoat are joining forces. TopCoat and its founders — Seth and Josh Rosen — are well established and respected in the data analytics space. They’ve built a powerful data analytics platform that simplifies building data applications through an integration with dbt, allowing data analysts and engineers to quickly create highly customized data reporting and visualizations.

Hacking has always felt like a superpower to me. It is a skill that I have worked on and learned with time. I was introduced to this field by my brother, he is my role model and I have always followed in his footsteps. Once I stepped into this field, there was no turning back. I knew this is what I want to excel at and be known for.

Modern cyberattacks are multifaceted, leveraging different tools and techniques and targeting multiple entry points. As noted in the CrowdStrike 2022 Global Threat Report, 62% of modern attacks do not use traditional malware and 80% of attacks use identity-based techniques, meaning that attacks target not only endpoints, but also cloud and identity layers with techniques that many legacy solutions have no visibility of or means of stopping.

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools.

Creating and remembering strong, unique passwords can be a challenge, and resetting them when you forget can be annoying and time-consuming. But it doesn’t have to be this way. If you adopt a password manager like 1Password, you can instantly generate and safely store all your passwords in one place.

Like most of us around the world, I’ve been shocked by the current situation in Ukraine. I’m saddened by the images of families being torn apart and fleeing their homes. This brings to mind the story of my own grandmother, who had to leave her native country of Austria, with nothing more than a small bag and my infant mother in her arms.

CurrentWare’s suite of user activity monitoring, web filtering, device control, and remote PC power management software has been verified as Citrix Ready®. The Citrix Ready program helps users of Citrix Virtual Apps and Desktops (formerly Citrix XenApp and XenDesktop) identify third-party solutions that are verified as compatible with a Citrix VDI deployment.

Forescout’s Vedere Labs, in partnership with CyberMDX, have discovered a set of seven new vulnerabilities affecting PTC’s Axeda agent, which we are collectively calling Access:7. Three of the vulnerabilities were rated critical by CISA, as they could enable hackers to remotely execute malicious code and take full control of devices, access sensitive data or alter configurations in impacted devices.

Asset inventory is a significant part of a comprehensive security plan for all organizations. After all, if you do not know what assets you have, then you cannot manage them. Even a small company can amass a surprisingly large amount of assets. It is no surprise that accounting for all of these assets can be like chasing a moving target, as new and old assets must be accounted for, and conversely, decommissioned assets must also be removed.