Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on every continent except Antarctica. Those organizations varied in their industry, size and level of DevOps maturity, but they were all interested in learning how they could advance their DevOps evolution going forward.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Looks like 2019 starts as busy as the previous year ended, breaches and failures all around. Let’s start with a pretty dumb but not uncommon issue – someone entering the wrong email address. How bad can that go?
Meet the hacker europa, a white hat hacker on the Detectify Crowdsource platform. He is based in Italy with a great passion for infosec and relatively new to the bug bounty scene, but seasoned in infosec. We asked him about the kind of bugs he likes to find, why he joined Crowdsource and how persistence helped him turn a duplicate finding into a bug with 8 different bypasses.
In this latest SnapSecChat video series, our CSO, George Gerchow, talks about the imperative for building the next-gen security operations center (SOC) of the future. Why? Because today’s IT landscape is becoming increasingly complex and cloud-based.
We are pleased to announce the release of the ionCube24 app for iOS and Android! With it, you can access ionCube24 wherever you are and monitor your site for performance and security issues. This is a big step forward for ionCube24 giving you ease of access for monitoring your website wherever you are. With notifications and in-app management options you can be aware of issues immediately and act fast. Take a look below to see what the ionCube24 app can do.
Developed by Lockheed Martin, the Cyber Kill Chain® (CKC) framework is part of the Intelligence Driven Defense® model for the identification and prevention of cyber intrusions activity. The model identifies what adversaries must complete in order to achieve their objective.
With 2018 in the rear-view mirror, the information security industry is now fully invested in 2019. The new year will no doubt present its fair share of challenging digital security threats. But so too will the year enable infosec professionals to discuss shared difficulties at conferences and summits.
Is your CSIRT team facing too many security alerts? Is your SOC has various security products that are jumbled together? Are you worried about setting the sensitivity of each product? How a severity level should be assigned to each imminent incident? These questions are hard to answer by today’s security professionals. However, security orchestration plays a crucial role in helping experts to address these questions.
While automated tools often enable your compliance management system (CMS), the CMS is less a technology and more a corporate compliance program. A compliance management system looks like a series of policies, procedures, and processes governing all compliance efforts. However, as more companies embed technology across the enterprise and more compliance requirements focus on cybersecurity, information security integrates across the CMS.
