In the second half of 2021 the AT&T Managed Threat Detection and Response (MTDR) security operations center (SOC) observed an increasing number of attacks against vulnerable Exchange servers. A number of these attacks were attempting to leverage proxyshell vulnerability to gain access to customer’s networks.

There’s never a dull moment at Snyk and for our Channel team that it’s been especially rewarding. We’re very excited to say that this week Snyk Infrastructure as Code (Snyk IaC) was named the winner of the cloud security category for the 2021 CRN Tech Innovator award. The full list of winners, unveiled earlier this week, showcases innovative vendors in the IT channel across 47 different technology categories, in key areas ranging from cloud to storage to networking to security.

Managing application resources at scale can be tricky business. As such, many DevOps and AppSec teams turn to using a declarative framework rather than writing individual scripts to deploy, manage, and maintain access controls for their resources. For Azure environments, Azure Resource Manager (ARM) is this management layer that allows teams to manage their infrastructure as code (IaC) through declarative ARM templates.

This week marks our mid-year kick-off. It’s our all-company meeting that, like Arctic Wolf, gets bigger each year with hundreds of new team members joining us from around the world—many for the first time. With so much new hiring (we’re on pace to nearly double ourselves, again), I’m continually reminded of our Wolf Pack’s talent, dedication, and drive for success, and I’m proud to work alongside these professionals daily.

Red Hat® OpenShift® Container Platform (OCP) is an enterprise-grade Kubernetes platform for building, deploying, running, and managing containerized applications in a hybrid world. The reality is that with Red Hat OCP, building, deploying, running, and managing containerized workloads couldn’t be any easier.

Cloud Access Security Brokers (CASB), also known as Cloud Security Gateways, were created to address the increasing cloud security problems facing organizations as cloud and application usage increased over the last decade.

If you’re like most of the complex IT shops we talk with, you probably don’t even have a current security matrix to store anywhere – file cabinet or data folder. The connectivity matrix is essentially the company security posture, but almost no one has a comprehensive way to visualize and easily understand the connectivity status between the various configured security policies (zone-to-zone policies).

Looking to become certified to the ISO 27001 standard? In this article you will learn what ISO 27001 is, the key terms and definitions, information security risks you need to consider, and the process for meeting your compliance and certification requirements.

On its surface, CVE-2021-42292 doesn’t look like the kind of vulnerability that a network-based tool can find reliably. Marked by Microsoft as a local file format vulnerability, security veterans would expect that between encryption and encoding, there would be a million different ways to evade network detection with a weaponized exploit.

The Open Web Application Security Project (aka OWASP) recently announced its latest updates to the venerable OWASP Top Ten list. This publication is meant to bring attention to the most common classes of software-related security issues facing developers and organizations in the hopes of helping them to better plan for and address potential high-severity issues in their codebases.