Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Open Core vs Proprietary SaaS (which to bet your startup's life on?)

May 29, 2020 By Teleport In Teleport
Gravitational COO, Taylor Wakefield, presents at the 2019 Open Core Summit, comparing Commercial Open Source Software ("COSS" aka, Open Core Software) to Proprietary SaaS. This presentation discusses why SaaS emerged, why COSS is now emerging and looks at the S-1 data of recently IPO'd companies in each cohort to validate the assumed benefits of each model.
View Video
logsign

Automated Incident Response with SOAR

May 29, 2020 By Fakhar Imam In Logsign

Cybersecurity incidents are the norm of the day. No organization has impunity. When a cybersecurity incident occurs, incident responders have to immediately respond to contain the incident and mitigate the damage. To this end, they have to execute the Incident Response Processes (IRP). Doing it manually is expensive and time-consuming and also less effective if your organization is facing too many incidents on a weekly or monthly basis.

Read Post
splunk

3 Regulatory Compliance Trends That Are Accelerating in 2020

May 29, 2020 By Oliver Friedrichs In Splunk

A growing attack surface and the exponential rise of data has opened the floodgates for breaches, leading to increased scrutiny by regulatory agencies. It’s not surprising that in recent years, regulators have had to double down with compliance mandates that are more stringent and punitive than ever before.

Read Post
Featured Post
riskoptics

The Importance Of Cloud-based Security For Businesses

May 28, 2020 By RiskOptics In RiskOptics
Cloud computing is the transmission of information technology services through the internet. Cloud computing is classified as public, private, or hybrid. These services are now popular with many businesses and governments, hence the need for security measures to ensure data safety and applications in the cloud. Cloud-based security involves the technology and series of procedures implemented to protect cloud computing environments from cybersecurity threats. This form of protection is necessary for small businesses, medium-sized corporations, and large organizations. Here are some of the crucial benefits of cloud-based security.
Read Post
detectify

Hiding in plain sight: HTTP request smuggling

May 28, 2020 By Detectify In Detectify

HTTP request smuggling is increasingly exploited by hackers in the wild and in bug bounty programs. This post will explain the HTTP request smuggling attack with remediation tips. HTTP request smuggling is an attack technique that abuses how two HTTP devices send requests between each other (typically a front-end proxy or a HTTP-enabled firewall and a backend server) or chaining multiple servers together with different configurations.

Read Post
sysdig

Detect reverse shell with Falco and Sysdig Secure

May 28, 2020 By Kaizhe Huang In Sysdig

Reverse shell is a way that attackers gain access to a victim’s system. In this article, you’ll learn how this attack works and how you can detect it using Falco, a CNCF project, as well as Sysdig Secure. Sometimes, an application vulnerability can be exploited in a way that allows an attacker to establish a reverse shell connection, which grants them interactive access to the system.

Read Post
upguard

SIEM vs. IDS: What is the Difference?

May 28, 2020 By Abi Tyas Tunggal In UpGuard

The main difference between a security information and event management (SIEM) solution and an intrusion detection system (IDS) is that SIEM tools allow users to take preventive actions against cyberattacks while IDS only detects and reports events. Security information and event management (SIEM) is an approach to cybersecurity combining: Note: the acronym SIEM is pronounced "sim" with a silent e.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.