
DevOps

Keep Your Private Code Packages Private With GitGuardian Honeytoken

GitGuardian Honeytoken provides a quick and easy way to add leakage and intrusion detection to your projects. When building your packages, just create a new Honeytoken from the GitGuardian dashboard and insert it into the project wherever you prefer. Then build and share that package with the team with confidence.

What's Driving the Adoption of SBOMs? What's Next for Them?

As the software bill of materials (SBOM) becomes ubiquitous for compliance and security purposes, what has previously been a nice-to-have option is fast becoming indispensable. If you want to do business with significant partners, such as public and federal organizations, and if you want to grow your business by floating your company or engaging in M&A activity, then you’re going to need SBOMs. This demand is driven by two key trends, one technical and the other legislative.

The Great Resignation of CISOs: Relieve Burnout Through Automated System Hardening

The cybersecurity landscape is witnessing a phenomenon that has come to be known as the “Great Resignation” among Chief Information Security Officers (CISOs). The challenges faced by CISOs in coping with ever-increasing regulations, compliance mandates, and the need for skilled resources have reached a tipping point. Coupled with a lack of cooperation from the C-suite, these factors have led to a surge in burnout among CISOs.

The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name

One often-overlooked risk in the bustling ecosystem of open-source software is the vulnerabilities introduced through software dependencies. We mention this because today, a malicious actor took over a RubyGems package name with more than two million downloads. Mend.io technology detected the package before it could be used for an attack, but the case of ‘gemnasium-gitlab-service’ serves as an important reminder of the risk of neglecting dependency management.

Teleport 13: Automatic agent updates, Simplified AWS setup, Light theme, and more.

Once again, it’s time for everyone’s favorite announcement: a brand new Teleport release! This release marks version 13 of Teleport and is packed with features, including a UI makeover, performance improvements, a few exciting previews, and so much more. Let’s dive in! Watch this episode recording with Ben Arent, Teleport’s Director of Developer Relations, as he discusses what’s new in Teleport 13.

CIS Microsoft Windows Server 2019 Benchmark Hardening

The Center for Internet Security (CIS) team continuously releases updates about cybersecurity best practices for new technologies. As of March 2023, all CIS Windows Server and Windows Workstation Benchmarks will be updated once a year to align with Microsoft’s update schedule. Major version updates that CIS will release (i.e., updating from v1.12.0 to v2.0.0) will account for significant changes in the operating system.

CIS Critical Security Control 4 Explained

The CIS Critical Security Controls, now known as the CIS Controls, have recently been updated and revised in CIS Controls v8, released by the Center for Internet Security (CIS). The CIS Controls are a collection of industry-recognized best practices for businesses dealing with data security risks. These measures were created to make things easier and keep the IT operations and security teams’ attention on crucial tasks. In v8, CIS slightly changes its perspective on baseline security and system hardening.