Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

detectify

Detectify checks for critical Oracle WebLogic Server RCEs (CVE-2020-14882, CVE-2020-14750)

Dec 3, 2020 By Detectify In Detectify

On October 29th, Detectify released a security test to detect a critical Oracle WebLogic Server RCE – CVE-2020-14882. Again in November, Oracle released an out-of-band security patch to fix a related RCE for Oracle Fusion Middleware. These vulnerabilities are currently being exploited by multiple botnets in the wild. Detectify scans your application for both of these vulnerabilities and will alert you if you are running a vulnerable version of Oracle WebLogic Server.

Read Post
sysdig

Your team is running containers, but are they secure?

Dec 3, 2020 By Suresh Vasudevan In Sysdig

Organizations are modernizing IT infrastructure, restructuring teams, and accelerating application delivery with containers and Kubernetes. As with any technology, organizations are at various places within their journey. However, according to Gartner, more than 75% of global organizations will be running containerized apps in production by 2022. Chances are your team is using containers for some applications.

Read Post

Lookout for Small Business: Secure Your Growing Business with Enterprise-grade Security

Dec 3, 2020 By Lookout In Lookout
Regardless of how many employees you have, your growing business faces the same threats as larger organizations. And you depend on engaging your customers on a personal level to stand out in the crowd. So to preserve that relationship, you need a mobile security solution that protects your data and their privacy.
View Video
netskope

Building Proficiencies to Discuss Security with the Board

Dec 3, 2020 By Brian Tokuyoshi In Netskope

Today, cybersecurity, risk, and data protection are issues that are on upper management’s radar. Seeking to minimize the potential for business disruption, board members are getting more involved with the organization’s security program. Recent surveys indicate that 65% of companies are recruiting board members who are knowledgeable about security issues.

Read Post
teleport

The Pitfalls of Language Runtimes and Multi-tenant Services

Dec 3, 2020 By Alexander Klizhentas In Teleport

Modern languages like Python, NodeJS, and Go make it easy to handle concurrent requests for multiple customers at the same time by using threads or goroutines. Such services seem very cost effective because one process can handle hundreds or thousands of tenants. However, this efficiency comes at a hidden, steep price. When language runtime scheduling breaks down, one tenant can cause an outage for everyone.

Read Post

Deploying Calico in Your On-prem Kubernetes Cluster: Networking and Security Considerations

Dec 3, 2020 By Tigera In Tigera
If you are deploying Kubernetes on-premises in your datacenter, this is a talk and demo you won’t want to miss. Networking and security might not be the first things that come to mind, but without some understanding of the networking and security decisions you’ll need to make, and the right options for your environment, you’re likely to get stuck or make the wrong assumptions. These may limit your ability to scale or integrate with the rest of the datacenter network.
View Video
veracode

CI/CD With Veracode Docker Images

Dec 3, 2020 By Tim Jarrett In Veracode

On November 19, Veracode published new, official Docker images for use in continuous integration pipelines. The images, which provide access to Pipeline Scan, Policy (or Sandbox) scans, and the ability to access Veracode APIs via the Java API Wrapper or via HTTPie with the Veracode API Signing tool, make it easy to include the current version of Veracode tools in your automation workflow.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.