Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

logsentinel

Five Things We Can Learn From Solorigate/SUNBURST, a Sophisticated And Highly Evasive Cyber Attack

Dec 15, 2020 By Bozhidar Bozhanov In LogSentinel

This week the US government as well as many enterprises were hit by a cyber attack, dubbed Solorigate, via the SUNBURST backdoor. Fireeye (also a victim of the attack) has done a great analysis of how the attack works, and we recommend reading it. But we’ll focus on a couple of takeaways instead of the precise details of how it worked. What we can learn from it in order to improve our cybersecurity posture.

Read Post
styra

What is Styra Declarative Authorization Service?

Dec 15, 2020 By Chris Webber In Styra

Whether you’re a developer or an IT professional (or a bit of both!), enforcing and managing authorization policies for the new containerized world is a whole different ball game than it was before. There’s the complex nature of modern applications — composed of multiple microservices, housed in containers — and then there’s the dynamic nature of platforms like Kubernetes, running those applications.

Read Post

Secure Your Cloud Transformation with Continuous Intelligence

Dec 15, 2020 By Sumo Logic In Sumo Logic
CrowdStrike and Sumo Logic work together to identify security threats and defend against IOCs in a hybrid environment. Customers gain knowledge on adversaries which may be targeting their assets and organisation via strategic, operational and technical reporting and alerts. During this session, we’ll hear from Australian private health provider, NIB, on how Sumo Logic and CrowdStrike have worked together to help NIB secure its digital transformation and cloud environment.
View Video
netskope

Netskope Threat Coverage: SUNBURST & FireEye Red Team (Offensive Security) Tools

Dec 15, 2020 By Dagmawi Mulugeta In Netskope

On Dec 8, 2020, the cybersecurity company FireEye reported that there had been a cyber attack on their systems. As part of this attack, their inventory of Red Team tools was stolen. These tools could potentially be used by a threat actor against unsuspecting victims. On Dec 13, 2020, after further investigation of this attack, FireEye reported that the initial vector came through SolarWinds, an upstream vendor, as a malicious trojanized update of SolarWinds’ Orion IT platform.

Read Post

Tips for Writing & Enforcing Your Company's Policies - Business Tips | CurrentWare

Dec 15, 2020 By CurrentWare In CurrentWare
When running a business, your policies need to be clear, concise, and consistently enforced. In this video CurrentWare’s marketing coordinator Dale Strickland shares with you the best practices for writing and enforcing company policies. This video will be using an Acceptable Use Policy as an example but you can apply these tips to any other policy you have.
View Video

Enabling Secure Kubernetes Multi-Tenancy with Calico Enterprise

Dec 15, 2020 By Tigera In Tigera
When you have different teams interacting with a Kubernetes cluster you need to think about the security, privacy, and observability challenges associated with multi-tenancy: How to provide each team with access to the specific resources they need, in a way that allows the team to be agile, without risking impacting other teams? In this session, we’ll explore the Kubernetes multi tenancy concepts and design patterns needed for successful enablement of multi-tenancy within your Kubernetes clusters using key capabilities of Calico Enterprise.
View Video
veracode

State of Software Security v11: The Most Common Security Flaws in Apps

Dec 15, 2020 By Hope Goslin In Veracode

For our annual State of Software Security report, we always look at the most common types of security flaws found in applications. It’s important to look at the various types of flaws present in applications so that application security (AppSec) teams can make decisions about how to address and fix flaws. For example, high-severity flaws, like those listed in OWASP Top 10 or SANS 25, or highly prevalent flaws can be detrimental to an application.

Read Post

Secure Your Journey to the Cloud with Tripwire Configuration Manager

Dec 15, 2020 By Tripwire In Tripwire
Tripwire can help you make your journey to the cloud more secure based on industry standards and best practices like the Center for Internet Security’s 20 CIS Controls. In this presentation, we highlight the cloud capabilities from Tripwire you might not already be aware of. See a guided demo of Tripwire Configuration Manager, and learn about common use cases around issues such as public vs private cloud storage security and multi-cloud compliance.
View Video
tripwire

Survey: 78% of Retailers Took Additional Security Precautions Ahead of the 2020 Holidays

Dec 15, 2020 By Ray Lapena In Tripwire

Coronavirus 2019 (COVID-19) stopped many things in 2020. While in-store holiday shopping may be greatly reduced for some, there’s still a lot of shopping happening online. Near the end of November 2020, Statista revealed that holiday retail sales were expected to grow approximately 3.6% over the previous year. And Adobe Analytics reported that online sales would likely rise 33% to a record $189 billion.

Read Post
tripwire

From a Single Pane of Glass, to Functional Dashboards to Manage Cyber Risk

Dec 15, 2020 By Baksheesh Singh Ghuman In Tripwire

For the longest time, or as far as I can remember, the holy grail of all networking platforms has been the need for a single pane of glass, that single source of all information that you would need to be most effective. So, what is a single pane of glass?

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.