Snyk Security for Atlassian Bitbucket Cloud Demo
Snyk helps software-driven businesses develop fast and stay secure. In this video, you'll learn how to get started with Snyk using Atlassian Bitbucket Cloud.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Security
Capture the Flag 101
Learn how to participate in a capture the flag (CTF) challenge with a hands-on JS demo hosted by Micah Silverman, Kyle Suero and Brian Clark.
Springing 4 Shells: The Tale of Two Spring CVEs
The Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Spring4Shell attack vector. This post shares detection opportunities STRT found in different stages of successful Spring4Shell exploitation. At the time of writing, there are two publicly known CVEs: CVE-2022-22963, and CVE-2022-22965. The Splunk Security Content below is designed to cover exploitation attempts across both CVEs.
Monitoring AWS networks at scale
Corelight is pleased to announce our integration with AWS’s Traffic Mirroring to Gateway Load Balancer (GWLB) Endpoint as a Target. This integration simplifies the monitoring of network traffic and generating Corelight data in massively scaled-out public cloud environments. When it comes to monitoring network traffic today, we see two primary deployment patterns, each with their own pain points.
SecurityScorecard together with SessionGuardian
Instantly view your organization’s cybersecurity posture + continuously monitor and verify identity.
Identity-Based Data Security on AWS
Speakers: Dave Cole, CEO of Open Raven Ev Kontsevoy, CEO of @Teleport Modern data drives business value. But the speed with which it is created and accessed across a global AWS footprint increases risk considerably. The old ways of securing data – VPNs, shared credentials stored in a secure vault, offsite backups – are no longer sufficient and don't work at cloud-scale. Join Teleport CEO Ev Kontsevoy and Open Raven CEO Dave Cole as they present a practical view of modern data security in two parts.
How to Migrate Your Legacy CurrentWare Software to the New Web Console (2022 Tutorial) | CurrentWare
In this video you will learn how to easily upgrade from the legacy desktop version of the CurrentWare Suite to the new web console. By upgrading to the web console you'll gain access to a variety of new capabilities.
A Look Back at the Executive Order on Cybersecurity
It has officially been one year since the release of the Biden administration’s Executive Order on Cybersecurity, which outlines security requirements for software vendors selling software to the U.S. government. These requirements include security testing in the development process and a software bill of materials for the open-source libraries in use so that known vulnerabilities are disclosed and able to be tracked in the future, among other things.
This Password Has Appeared in a Data Leak: How to Respond
“This password has appeared in a data leak, putting this account at high risk of compromise. You should change your password immediately” – if you own an iPhone or iPad running on iOS 14 or above, you may have received this worrying message lately. Apple rolled out this feature across both devices and Macs as a cybersecurity feature. If you have received this notification, you might be wondering what it means and what to do next. Read on to learn more.
Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning
It’s been a bad month for RubyGems vulnerabilities. Critical CVE-2022-29176 was issued May 8, 2022, and another critical CVE-2022-29218 was discovered less than a week later, on May 11. This new vulnerability would allow for a takeover of new versions of some platform-specific gems under certain circumstances.