Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

styra

5 OPA Deployment Performance Models for Microservices

Apr 15, 2021 By Anders Eknert In Styra

If you’re responsible for a microservices app, you may be familiar with the idea of a “latency budget.” This is the maximum latency, measured as total request time, that you need for the app to work, in order to meet your SLAs and keep stakeholders happy. For a stock trading or financial services app, this budget might be the barest of microseconds.

Read Post

Kubernetes Quick Hits: SecurityContext and why not to run as root

Apr 15, 2021 By Snyk In Snyk
In this, the first of our series of our Kubernetes Quick Hits videos, Eric Smalling–Sr. In less than five minutes, you understand why you need to *not* run your containers as root and what to do about it if you are. Snyk helps software-driven businesses develop fast and stay secure. In addition to container security scans, Snyk can continuously monitor to find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
View Video

Secure Coding with IntelliJ

Apr 15, 2021 By Snyk In Snyk
How can I do security in IntelliJ? Is there a security code scanner for IntelliJ? How can I test for security in Java? Is there a Snyk plug-in for IntelliJ? Make sure to subscribe so you don't miss new content! We know that IntelliJ IDEA is the most favorite and commonly used IDE in the Java landscape and a lot of developers practically live in their integrated development environment (IDE). A good IDE is like a swiss army knife; it is your go-to tool to do almost everything. Let’s see how we can integrate security and secure development into IntelliJ IDEA using this new Snyk plugin.
View Video
teleport

What I Wish I Knew About U2F and Other Hardware MFA Protocols

Apr 15, 2021 By Andrew Lytvynov In Teleport

Teleport has supported multi-factor authentication (MFA) for a while now, via Authenticator Apps (TOTP) and Hardware Tokens (U2F) such as YubiKeys. But this support was pretty limited: you could only choose one MFA protocol and users could only register one device. If a user lost their device, they would be locked out and need an account reset by the administrator. So, for Teleport 6.0, we’ve reimplemented the MFA support to make it more flexible.

Read Post
lookout

The Zero Trust lesson behind mobile phishing against Australian officials

Apr 15, 2021 By Hank Schless In Lookout

Australia recently confirmed that a series of mobile phishing attacks were successfully executed on senior officials. According to The Sydney Morning Herald, the targets – which included Australia’s finance minister, health minister and ambassador to the U.S. – were sent messages asking them to validate new WhatsApp or Telegram accounts.

Read Post
tripwire

White House launches plan to protect US critical infrastructure against cyber attacks

Apr 15, 2021 By Graham Cluley In Tripwire

The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks. According to Bloomberg, the Biden administration has a plan to dramatically improve how power utilities defend themselves against attacks from countries considered to be adversaries in cyberspace – such as Russia, Iran, North Korea, and China.

Read Post
tripwire

A quick round up of privacy highlights for Q1 of 2021

Apr 15, 2021 By Tripwire Guest Authors In Tripwire

As expected, the start of 2021 has seen unprecedented movement in the U.S. with 22 states introducing comprehensive privacy legislation and even more introducing specific-use legislation. To date, hundreds of privacy bills were introduced across the states; to give some perspective, more than 50 privacy bills were introduced in New York alone. Undoubtedly a hot topic, it seemed anyone with an idea for a privacy bill put it in writing and introduced it to their legislature.

Read Post
synopsys

Securing the IoT tsunami

Apr 15, 2021 By Synopsys Editorial Team In Synopsys

The Internet of Things (IoT) is a reality. Gartner forecasts 25 billion IoT devices by 2021, and other industry sources and analysts predict even larger numbers. Although projections of unprecedented growth are ubiquitous among industry pundits, the efforts to secure this tsunami of connected devices are in their infancy. The IoT is still relatively new, so it lacks regulations that mandate security.

Read Post
chaossearch

6 Data Cleansing Strategies For Your Organization

Apr 15, 2021 By Dave Armlin In ChaosSearch
The success of data-driven initiatives for enterprise organizations depends largely on the quality of data available for analysis. This axiom can be summarized simply as garbage in, garbage out: low-quality data that is inaccurate, inconsistent, or incomplete often results in low-validity data analytics that can lead to poor business decision-making.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.