Security

How to cybersecurity: Software supply chain security is much bigger than you think

Mar 21, 2022 By Jonathan Knudsen In Synopsys

Managing the risks of your software supply chain requires more than a basic understanding of the software components that make up your applications. My wife and I have four children, which means we’ve done a ton of shopping at Costco over the years. First it was diapers, then cereal, then every other kind of food, all of which provided significant savings for our family of six.

Read Post

Synopsys

Read more about How to cybersecurity: Software supply chain security is much bigger than you think

How to prepare for the next log4j

Mar 21, 2022 By Sysdig In Sysdig

View Video

Sysdig

Read more about How to prepare for the next log4j

WTF is Open Source

Mar 21, 2022 By Snyk In Snyk

Are you looking to join an existing open source project, but don’t know where to start? Interested in finding out more about open source software in general? Looking to start a personal project but don’t know what to base it on? If the answer is yes, this event could be for you. We will be hosting a panel discussion with amazing leaders within the OS space. They will share everything from how they got involved, what they are working on at the moment as well as share any tips and tricks they learnt along the way.

View Video

Snyk

Read more about WTF is Open Source

Protestware is trending in open source: 4 different types and their impact

Mar 21, 2022 By Benji Catabi-Kalman In Snyk

A few days ago, Snyk reported on a new type of threat vector in the open source community: protestware. The advisory was about a transitive vulnerability — peacenotwar — in node-ipc that impacted the supply chain of a great deal of developers. Snyk uses various intel threat feeds and algorithms to monitor chatter on potential threats to open source, and we believe this may just be the tip of a protestware iceberg.

Read Post

Snyk

Read more about Protestware is trending in open source: 4 different types and their impact

SOARs vs. No-Code Security Automation: The Case for Both

Mar 21, 2022 By Chris Tozzi In Torq

Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.

Read Post

Torq

Read more about SOARs vs. No-Code Security Automation: The Case for Both

Falcon Complete: A Pioneer in MDR

Mar 21, 2022 By CrowdStrike In CrowdStrike

Stop breaches with an MDR that stays one step ahead of today’s sophisticated adversaries. With 24/7 proactive threat hunting and hands-on surgical remediation, CrowdStrike Falcon Complete owns the entire lifecycle of an incident.

View Video

CrowdStrike

Read more about Falcon Complete: A Pioneer in MDR

How to Secure Containers and Eliminate Noise from Code to Production with Sysdig and Snyk

Mar 21, 2022 By Snyk In Snyk

This webinar recording presented by Snyk and our partner Sysdig shows how we are helping developers and security teams pinpoint must-fix open source and container vulnerabilities in development while effectively protecting workloads in production. Implementing a continuous feedback loop using runtime intelligence helps you save time by focusing remediation efforts on packages executed at runtime.

View Video

Snyk

Read more about How to Secure Containers and Eliminate Noise from Code to Production with Sysdig and Snyk

Threat-Based Methodology: Configuration Settings

Mar 21, 2022 By John Allison In Devo

This is the second post in the Threat-Based Methodology series. The first post introduced Threat-Based Methodology and the analysis conducted by the FedRAMP PMO and NIST. That post concluded with a list of the top seven controls based on their Protection Value. This post will explore CM-6 in greater depth and explain how Devo supports the ability to meet this control. CM-6, Configuration Settings, was determined to provide the most Protection Value with a score of 208.86.

Read Post

Devo

Read more about Threat-Based Methodology: Configuration Settings

Australia and the Risk of a Russian Cyber Attack: Are You Ready?

Mar 20, 2022 By Edward Kost In UpGuard

Given Russia's reputation for highly-sophisticated cyberattacks, the country's invasion of Ukraine has sparked justified fears of an imminent global cyberwar. While, for the time being, Putin’s cyber efforts against Ukraine are surprisingly restrained, this may not be the case for other countries.

Read Post

UpGuard

Read more about Australia and the Risk of a Russian Cyber Attack: Are You Ready?

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Mar 20, 2022 By John Gates In CalCom

A joint Cybersecurity Advisory (CSA) was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) recently warning organizations about a Russian state-sponsored cyber-attack. The cyber actors ran arbitrary code using system privileges by exploiting a Windows Print Spooler vulnerability, “PrintNightmare.”

Read Post

CalCom

Read more about Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

How to cybersecurity: Software supply chain security is much bigger than you think

How to prepare for the next log4j

WTF is Open Source

Protestware is trending in open source: 4 different types and their impact

SOARs vs. No-Code Security Automation: The Case for Both

Falcon Complete: A Pioneer in MDR

How to Secure Containers and Eliminate Noise from Code to Production with Sysdig and Snyk

Threat-Based Methodology: Configuration Settings

Australia and the Risk of a Russian Cyber Attack: Are You Ready?

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Monthly Archive

Follow Us