Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Webinar | Best Practices for Auditing K8s | Gravitational | Ev Kontsevoy | Andrew Lytvynov

In this webinar, Ev and Andrew have a conversation about auditing kubernetes, what those logs might look like in a platform like Sumo Logic, and what added benefits one could receive from using a secure access tool like Teleport for audit logs and alerts.

COBIT vs ITIL vs TOGAF: Which Is Better For Cybersecurity?

Adding a little bit of structure into one's affairs never hurts, especially when it comes to IT business processes and IT assets. To this end, various frameworks offer blueprints for achieving key organizational objectives like compliance and security. Three of the more popular IT governance frameworks—COBIT, ITIL, and TOGAF—are widely used by enterprises in this regard—let's see how they compare when it comes to bolstering cybersecurity and digital resilience.

LXC vs Docker: Why Docker is Better

LXC (LinuX Containers) is a OS-level virtualization technology that allows creation and running of multiple isolated Linux virtual environments (VE) on a single control host. These isolation levels or containers can be used to either sandbox specific applications, or to emulate an entirely new host. LXC uses Linux’s cgroups functionality, which was introduced in version 2.6.24 to allow the host CPU to better partition memory allocation into isolation levels called namespaces .

JIRA Service Desk vs ServiceNow: Ticketing System Comparison

Ticketing systems are essential to today's enterprise IT help desk operations—without them, service requests and issues would end up lost inside a flurry of emails and handwritten notes. Both JIRA's Service Desk and ServiceNow are leading solutions in this category; the latter has a 25% share of the IT service management (ITSM) market, while Atlassian—though more software developer-focused—is a household name when it comes to project management and collaboration tools.

Is CapitalOne's DevOps Dashboard Hygieia the Best?

Many enterprise software hopefuls tackle the final stretch to becoming a mature offering through the development of an easy-to-use management GUI. This is especially true of DevOps and automation tools, as quite a few solutions have recently rounded out their platforms with web-based UI consoles for easier, visual management of resources and services.

Moody's Shares How to Learn from Organizations Running Successful AppSec Programs

Veracode has helped thousands of customers integrate security into their development cycle, and we’ve now got lessons learned, best practices, and pitfalls to avoid. Join Adrian Benvenuti, Vice President of Cybersecurity Risk and Architecture at Moody’s and Chris Kirsch, Director, Product Marketing at Veracode as they discuss how real-life AppSec programs are helping security and development teams work together to secure code.

Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze

Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the town hall didn’t.

Tripwire Research: IoT Smart Lock Vulnerability Spotlights Bigger Issues

The mechanical lock is perhaps the most fundamental, tangible, and familiar layer of security in our daily lives. People lock their doors with the expectation that these locks will keep the bad people out, but there’s a common adage in the security industry that locks are only good at keeping honest people honest. This is perhaps truer than ever in the era of the IoT “smart lock” where lock picks and bump keys can often be replaced by scripts and sniffers.

National Cybersecurity Authority (NCA): What You Need to Know

In its Vision 2030 development plan, Saudi Arabia included a National Transformation Program whose purpose is to diversify the Kingdom’s income away from the oil industry. One of the core tenets of that program is to enable the growth of the private sector by developing the digital economy. Specifically, Saudi Arabia set out its intention to increase the contribution of the digital economy that’s non-oil GDP from 2% to 3% by 2030.