Security

What You Need To Know About Application Security Testing Orchestration

Dec 10, 2020 By Patricia Johnson In Mend

As the security threat landscape continues to evolve, choosing the best application security testing tools is just the first challenge for organizations investing in AppSec. Next, organizations need to figure out how to best orchestrate the application security testing technologies they are using in order to get the most out of them without losing valuable time. That’s where application security testing orchestration comes in.

Read Post

Mend

Read more about What You Need To Know About Application Security Testing Orchestration

Preventing malicious use of Weave Scope

Dec 10, 2020 By Vicente Herrera García In Sysdig

Intezer and Microsoft reported on Sept. 9 that TeamTNT hackers are deploying Weave Scope in compromised systems as an auxiliary tool in their intrusions. Weave Scope is a legitimate and powerful tool to manage server infrastructure that, once deployed, makes it easy to control all resources. In this article, we will describe how this tool can be used maliciously, and how to add specific checks in your security set up to look for it.

Read Post

Sysdig

Read more about Preventing malicious use of Weave Scope

See and Secure containers on AWS Fargate

Dec 10, 2020 By Sysdig In Sysdig

Tune into our #LinkedInLive event on December 9 from 11:30am-12pm PST and join Sysdig and Amazon Web Services (AWS) experts, Pawan Shankar and Eric Carter, to learn how to scan #AWS #Fargate containers in under 4 minutes with Sysdig Secure. Join this live discussion to learn how Sysdig Secure closes the visibility and security gap by providing the first automated #Fargate inline scanning.

View Video

Sysdig

Read more about See and Secure containers on AWS Fargate

Getting started with EventSentry v4.2.x

Dec 10, 2020 By EventSentry In EventSentry

This video helps new users get started with EventSentry quickly by walking them through the most important areas of the management console and web reports.

View Video

EventSentry

Read more about Getting started with EventSentry v4.2.x

Unify Access to Cloud - Iterating on Identity-Based Management

Dec 10, 2020 By Virag Mody In Teleport

The maturation of software development has been driven by the increasing segmentation of functions into their own portable environments. Infrastructure is splintered into dozens of computing resources, physical servers, containers, databases, Kubernetes pods, dashboards, etc. Such compartmentalization has made it incredibly simple for developers to enter their desired environments with minimal disruption to other working parts.

Read Post

Teleport

Read more about Unify Access to Cloud - Iterating on Identity-Based Management

Outpost24 Webinar: Mastering container security in modern day DevOps

Dec 10, 2020 By Outpost 24 In Outpost 24

Join our webinar as our cloud security expert examines the security challenges that come with container adoption and unpack the key steps required to integrate and automate container assessment into the DevOps cycle to help developers build and deploy cloud native apps at speed whilst keeping one eye on security.

View Video

Outpost 24

Read more about Outpost24 Webinar: Mastering container security in modern day DevOps

Outpost24 webinar - Protecting Cezanne HR's cloud web application with continuous assessment

Dec 10, 2020 By Outpost 24 In Outpost 24

Cyberattacks like payroll scams and recruitment fraud are finding their way into organizations via HR which makes protecting your employee data just as important as customer data. Find out how Cezanne HR secure their SaaS application with continuous assessment to help their customers protect employee data. The Cezanne HR SaaS application is used by over 650 organizations across the globe to simplify human resource management. But when it comes to sensitive employee data, customers demand proof of security and need to know that their data is in safe hands. In this webinar John Hixon, R&D Director at Cezanne HR, will share in-depth insights into how he leverages manual pen testing and dynamic application security testing throughout the Software Development Lifecycle (SDLC) to uncover hidden risks in the application and protect their customer data. Join our host Simon Roe, Application Security Product Manager, and John as they discuss the importance of data protection in HR, and how this hybrid continuous assessment approach has helped them secure their business critical apps and maintain ISO certification standards at scale.

View Video

Outpost 24

Read more about Outpost24 webinar - Protecting Cezanne HR's cloud web application with continuous assessment

Goodbye to Flash - if you're still running it, uninstall Flash Player now

Dec 10, 2020 By Graham Cluley In Tripwire

It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing the final scheduled release of Flash Player, Adobe has confirmed that it will no longer be supporting the software after December 31 2020, and will actively block Flash content from running inside Flash Player from January 12 2021.

Read Post

Tripwire

Read more about Goodbye to Flash - if you're still running it, uninstall Flash Player now

Fuzzing Bitcoin with the Defensics SDK, part 2: Fuzz the Bitcoin protocol

Dec 10, 2020 By Jonathan Knudsen In Synopsys

In part two of this series, learn how to create a data model for the Bitcoin network protocol and use the Defensics SDK to perform fuzzing on bitcoind. In the previous article, you saw how to set up a test bed for bitcoind. We created two containers, fleur and viktor, and set up communication between the two bitcoind instances. In this article, learn how to create a data model for the Bitcoin network protocol, and then use this model in the Defensics® SDK to perform fuzzing on bitcoind.

Read Post