Coffee Talk with the Splunk Security Gang
Join the Splunk Security Gang on Thursday October 21st at 11 am Pacific for a special edition live event for.conf21! The episode will be a spicy one you don't want to miss!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
%term
No Integrity, No Trust. The Foundation of Zero Trust Architecture | Ep 26
In the episode, Tripwire's Maurice Uenuma, discusses the role of integrity when it comes to Zero Trust Architecture. With results from our latest research survey on the Executive Order and Zero Trust, he and Tim make the case that Zero Trust cannot be maintained without proper Integrity controls at its foundation.
New Kubernetes high severity vulnerability alert: CVE-2021-25742
On Oct 21st, the Kubernetes Security Response Committee issued an alert that a new high severity vulnerability was discovered in Kubernetes with respect to the ingress-nginx - CVE-2021-25742. The issue was reported by Mitch Hulscher. Through this vulnerability, a user who can create or update ingress objects, can use the custom snippets feature to obtain all secrets in the cluster.
Top DevSecOps Tools For 2022
DevSecOps combines the responsibilities of development, security and operations in order to make everyone accountable for security in line with the ongoing activities conducted by development and operations teams. DevSecOps tools serve to assist the user in minimising risk as part of the development process and also support security teams by allowing them to observe the security implications of code in production.
Is Influencer Marketing being Besieged by Bad Bots and Fake Followers?
Influencer marketing is set to be worth $13.8 billion by the end of 2021, rising from $9.7 billion since last year. With many people working from home during the pandemic, monetizing a social media following by creating sponsored posts for brands has become a popular side hustle. This can be seen by the rapid growth of emerging platforms, particularly TikTok which saw over 2 billion downloads in 2020 and a 45% increase in its use by influencers in 2021 to date.
SIEM use cases: how to develop bespoke threat detection rules
But, as we explored in the first of this two-part series, there are limitations to using the out-of-the-box rules which form part of the technology. In this blog post, we explore how to customise rules, the rule development process and the role of Sigma.
Could your kids spot this mobile phish?
I realized early on that if I didn’t teach my kids how to identify and avoid likely attacks on their laptops and phones, that no one would. Nevertheless, when I see an opportunity for a “teachable security moment” I grab it, and last week this mobile phishes appeared on my phone. I captured a screen shot to share with my children and we played a little “spot the phish” game, where they would point out all the things that made this text suspicious.
Logicalis reshape the traditional approach to Enterprise Security with the global launch of Secure OnMesh
Logicalis today announces the launch of its new security solution - Secure OnMesh.
Forward Networks Wins "Enterprise Cloud Computing Software of the Year" Award in 2021 Mobile Breakthrough Awards Program
Annual Awards Recognizes Top Mobile and Wireless Companies and Solutions Around the Globe.
CISOs to Developers: Changing the Way Organizations Look at Authorization Policy
In today’s cloud-native, app-first and remote-first world, it has become a considerably more complicated task to verify the identity of a user or a service, and determine policies that say what they are and aren’t allowed to do. Yet, the first half of that problem, authentication, for the most part, is already solved because of standards like Security Assertion Markup Language (SAML), OAuth and Secure Production Identity Framework for Everyone (SPIFFE).