Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

An Analysis of Ransomware Encryption Speeds by Splunk SURGe

Mar 29, 2022 By Splunk In Splunk
Did you know the median time for ransomware to encrypt nearly 100,000 files is 42 minutes and 52 seconds? This speed is likely beyond the capabilities of most organizations to respond effectively before encryption is complete. These findings are the result of research published by SURGe, Splunk’s strategic cybersecurity research team.
View Video

The Comprehensive Approach to Cybersecurity Assessment and Testing | Cyphere

Mar 29, 2022 By Cyphere In Cyphere
Cyphere is a cybersecurity assessment and testing company that quickly identifies the weakest points in an organisation's cyber security. We do this by using the best practices to simulate real-world attacks against your systems. The goal is to identify potential risks before they can lead to a potential disaster.
View Video
teleport

How to Configure SSO for AWS Resources with Okta and SAML

Mar 29, 2022 By Janakiram MSV In Teleport

This blog is part of a series on how to provide identity-based access to AWS resources. In the first tutorial, we saw how to set up an identity-aware AWS bastion host using the OSS solution, Teleport. In this blog, we will expand the scenario to use a single-sign-on (SSO) authentication mechanism to issue certificates to specific groups of users to access AWS resources.

Read Post
Octiga

Secure Office 365 with PowerShell via the CIS approach - Pt 2

Mar 29, 2022 By Octiga In Octiga
This is the second blog in a multi part series helping admins, service providers, consultants and security admins to check and achieve a level of security control in Office 365. Part 1 of this series covered the basic PowerShell commands for Authentication through CIS, here we will talk about ‘Audit’.
Read Post
sysdig

Digital Forensics Basics: A Practical Guide for Kubernetes DFIR

Mar 29, 2022 By Alberto Pellitteri In Sysdig

Containerization has gone mainstream, and Kubernetes won out as the orchestration leader. Building and operating applications this way provides massive elasticity, scalability, and efficiency in an ever accelerating technology world. Although DevOps teams have made great strides in harnessing the new tools, the benefits don’t come without challenges and tradeoffs.

Read Post
Snyk

Building a secure GraphQL API with Node.js

Mar 29, 2022 By Lawrence Eagles In Snyk

GraphQL provides security straight out of the box with validation and type-checking. However, it doesn’t fully address security concerns around APIs. In this article, we’ll learn how to secure GraphQL APIs by building a simple Node.js application using Fastify and GraphQL. According to its official documentation, GraphQL is a graph query language for APIs and a runtime for fulfilling those queries with our data.

Read Post
veracode

The Public Sector Has the Highest Proportion of Security Flaws of Any Industry

Mar 29, 2022 By Hope Goslin In Veracode

We recently launched the 12th annual edition of our State of Software Security (SOSS) report. To draw conclusions for the report, we examined the entire history of active applications. For the public sector data, we took the same approach. We examined the entire history of applications for government agencies and educational institutions. We found that the public sector has the highest proportion of security flaws of any industry.

Read Post

Security at ServiceNow (feat. Karl Klaessig) - The Big Fix 2022 by Snyk

Mar 29, 2022 By Snyk In Snyk
Karl Klaessig, Director of Product Marketing and Security Operations at ServiceNow joins Randall Degges, Head of Developer Relations and Community at Snyk to discuss security challenges and how they approach them at ServiceNow. The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.
View Video
Trustwave

How to Get Security Peace of Mind Against Advanced Email Threats

Mar 29, 2022 By Trustwave In Trustwave

The dangers of email security are often understated. One successful email attack can lead to malware injection, system compromise, impersonation, espionage, ransomware and more. After all, phishing remains the top attack vector used by hackers. The FBI reported phishing scams were extremely prominent, with 323,972 complaints being made in the U.S. in 2021, compared to 241,342 the previous year. Adjusted losses resulting from these attacks is more than $44 million, a $10 million decrease from 2020.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.