Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

teleport

Securing Your PostgreSQL Database

Apr 2, 2021 By Roman Tkachenko In Teleport

Databases are the Holy Grail for hackers, and as such, must be protected with utmost care. This is the first in a series of articles in which we’ll give an overview of best practices for securing your databases. We’re starting with one of the most popular open-source databases, PostgreSQL, and will go over several levels of security you’d need to think about.

Read Post
netskope

Defining Zero Trust Data Protection

Mar 31, 2021 By Jason Clark In Netskope

The biggest fundamental shift in the era of digital transformation is that data is no longer on a CPU that the enterprise owns. Security teams focused on cloud must invest in the right technology to achieve more complete data protection, and we all need to ensure Zero Trust principles are applied everywhere data needs protection. At Netskope, we describe this as Zero Trust Data Protection. In its simplest form, Zero Trust means: Don’t trust the things you do not need to trust.

Read Post
splunk

Splunk SOAR Playbooks: Conducting an Azure New User Census

Mar 31, 2021 By Philip Royer In Splunk

In January and February of 2021, the threat actor called Hafnium used a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched).

Read Post
manageengine

Azure security 101: Security essentials, logs, authentication, and more

Mar 30, 2021 By Log360 In ManageEngine

“Where necessity speaks, it demands”. This old saying seems particularly apt right now with the pandemic forcing organizations to completely change the way they think about their IT networks. That rapid shift to remote work has resulted in a massive demand for cloud-based services.

Read Post
sysdig

Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Mar 30, 2021 By Sysdig In Sysdig
Sysdig introduces continuous CSPM to the Sysdig Secure DevOps Platform, multi-cloud threat detection for AWS and GCP, and a new free-forever cloud security tier. With 70% of cyberattack breaches utilizing lateral movement, Sysdig uniquely detects and responds to threats across cloud and containers.
Read Post
sysdig

Detect suspicious activity in GCP using audit logs

Mar 30, 2021 By Alejandro Villanueva In Sysdig

GCP audit logs are a powerful tool that track everything happening in your cloud infrastructure. By analyzing them, you can detect and react to threats. Modern cloud applications are not just virtual machines, containers, binaries, and data. When you migrated to the cloud, you accelerated the development of your apps and increased operational efficiency. But you also started using new assets in the cloud that need securing.

Read Post
sysdig

Cloud lateral movement: Breaking in through a vulnerable container

Mar 30, 2021 By Stefano Chierici In Sysdig

Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks to Cloud environments is a vulnerable application that is publicly available can serve as an entry point. From there, attackers can try to move inside the cloud environment, trying to exfiltrate sensitive data or use the account for their own purpose, like crypto mining.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.