Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technology

Hardened Access - Dual Authorization for Roles & Per-session MFA with Yubikeys

May 20, 2021 By Teleport In Teleport
This webinar is a deep dive into how companies can harden access to Teleport with two new features in Teleport 6.1 These include creating dual & multi Authorization rules, requiring multiple team members to approve role escalation. This is an important FedRAMP control ( AC-3 ) and increasing the visibility and audibility for access. We’ll show how you can enforce per session MFA with the aid of hardware tokens; reducing the scope and risk related to certificate exfiltration.
View Video
appknox

Problematic JavaScript Vulnerabilities And Their Fixes Every Developer Should Know

May 19, 2021 By Patrick R In Appknox

A web developer’s ultimate goal is to not only develop a website or an app that is aesthetically and functionally stunning but highly secure as well. Cybersecurity is inevitable and no end-user would want to have an app that could breach or compromise their data security and integrity (no matter how useful the app is). With hackers and middlemen working on creative ways to explore vulnerabilities, it is on developers like us to take charge and be a step ahead of them.

Read Post

The Netskope Online Community

May 19, 2021 By Netskope In Netskope
Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.
View Video
netskope

A Real-World Look at AWS Best Practices: IAM Policies

May 19, 2021 By Jenko Hwong In Netskope

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

Read Post
Snyk

Exploring intent-based Android security vulnerabilities on Google Play

May 18, 2021 By Kirill Efimov, Raul Onitza-Klugman In Snyk

Our phones know a lot about us, so it’s important we can trust them. After discovering and then publishing our findings on SourMint — the malicious iOS ad SDK — the Snyk Security Team decided to dig deeper in the Android ecosystem. To do so, we leveraged Snyk Code to analyze and search for vulnerabilities in applications uploaded to the Google Play store.

Read Post
tripwire

Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings

May 18, 2021 By Ben Layer In Tripwire

Responding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high profile data breaches, including Verizon, The Pentagon, Uber and FedEx.

Read Post
coralogix

How Cloudflare Logs Provide Traffic, Performance, and Security Insights with Coralogix

May 18, 2021 By Adam Pikulik In Coralogix

Cloudflare secures and ensures the reliability of your external-facing resources such as websites, APIs, and applications. It protects your internal resources such as behind-the-firewall applications, teams, and devices. This post will show you how Coralogix can provide analytics and insights for your Cloudflare log data – including traffic, performance, and security insights.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.