Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

netskope

Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

Sep 30, 2020 By Ray Canzanese In Netskope

The global pandemic caused an abrupt shift to remote work among enterprise knowledge workers, which in turn resulted in an increase in risky behavior. Attackers immediately tried to capitalize on the pandemic, with COVID-19-themed phishing emails, scams, and Trojans. At the same time, techniques used in more sophisticated cyberattacks continued to evolve.

Read Post

Install Veracode for VS Code to Run Greenlight Scans

Sep 30, 2020 By Veracode In Veracode
In this video, you will learn how to install the Veracode for VS Code extension. The Veracode for VS Code extension is available from the Visual Studio Marketplace. Greenlight finds security defects in your code in seconds so you can fix the findings directly in your IDE. Veracode for VS Code is an extension to Visual Studio Code, which performs a Veracode Greenlight scan at the file level, and supports JavaScript, TypeScript, and C#.
View Video

Netwrix Auditor for Azure AD - Overview

Sep 30, 2020 By Netwrix In Netwrix
Netwrix Auditor for Azure AD enables complete visibility into user actions, including user sign-in activity, in your Azure AD deployment. The application provides actionable intelligence about successful and failed sign-in attempts and critical changes to Azure AD users, groups, roles, contacts, applications, devices, licenses and more.
View Video

Netwrix Auditor for Windows Server - Overview

Sep 30, 2020 By Netwrix In Netwrix
Netwrix Auditor for Windows Server delivers complete visibility into Windows-based server infrastructures. It detects and reports on all changes made to server configuration — hardware and software, services, applications, network settings, registry settings, DNS, and more. In addition, it provides event log management and video recording of user activity.
View Video
outpost 24

Fix now: High risk vulnerabilities at large, September 29th

Sep 30, 2020 By Simon Roe In Outpost 24

Since the global pandemic we’ve been writing about the latest CVEs to look out for in our risk based vulnerability management blog. As we head into the Autumn and the nights begin to draw in, threat actors continue to exploit vulnerabilities and cause disruption. Let’s take a look at some that have raised their profile in the last couple of weeks

Read Post
tigera

Kubernetes Q3-2020: Threats, Exploits and TTPs

Sep 30, 2020 By Manoj Ahuje In Tigera

Kubernetes has become the world’s most popular container orchestration system and is taking the enterprise ecosystem by storm. At this disruptive moment it’s useful to look back and review the security threats that have evolved in this dynamic landscape. Identifying these threats and exploits and being a proactive learner may save you a lot of time and effort…as well as help you retain your reputation in the long run.

Read Post
armo

What makes ARMO customers immune - by design - against vulnerabilities like the recently discovered CVE-2020-14386?

Sep 30, 2020 By Leonid Sandler In ARMO

CVE-2020-14386 is yet another severe vulnerability that was recently discovered in the Linux kernel. It reminds us that the fight against vulnerabilities is not over. This particular one allows a regular application to escalate its privileges and gain root access to the machine. Indeed, it sounds scary.

Read Post
logsign

Find the Correct MSSP or Build an Efficient SOC? (Part 2)

Sep 30, 2020 By Fakhar Imam In Logsign

Many organizations don’t rely on outsourced security solutions such as MSSP. Rather, they prefer building their own SOC to combat nefarious cybersecurity threats and attacks. However, it is vital to know how an effective SOC is built and what should be its essential security ingredients.

Read Post
redscan

Redscan Labs releases Zerologon detection tool

Sep 30, 2020 By The Redscan Team In Redscan

Zerologon (CVE-2020-1472) is a critical vulnerability in the Windows Server Netlogon process authentication process. Following our recent Security Advisory, immediate patching of the vulnerability is strongly advised. To help determine whether your organisation has been compromised as a result of an attacker exploiting the vulnerability (even prior to a patch being installed), Redscan Labs has developed a Zerologon detection tool.

Read Post
synopsys

Can SAST tools improve developer productivity?

Sep 30, 2020 By Ashutosh Kumar In Synopsys

Organizations are increasingly agile today, producing and deploying software applications faster than ever before. But this requires all the elements in the software development life cycle (SDLC) to work together cohesively. Security practices in the SDLC become especially important, given that more than half of security flaws result from preventable coding mistakes. Ensuring that developers are on board with security practices is even more critical to improve the process efficiency.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.