DevOps

Ultimate Guide to Windows Task Scheduler Hardening

Jan 27, 2024 By John Gates In CalCom

Windows Task Scheduler, previously known as Scheduled Tasks, is a powerful job scheduler built into Microsoft Windows. Its primary function is to launch computer programs or scripts at specific times or intervals predetermined by the user. Introduced as System Agent in Microsoft Plus! for Windows 95, Task Scheduler Windows has evolved into a core component of the Windows operating system.

Read Post

CalCom

Read more about Ultimate Guide to Windows Task Scheduler Hardening

Ultimate Guide to Security Impact Analysis: Essential Checklists

Jan 26, 2024 By Keren Pollack In CalCom

When planning a hardening project for information security, there are two types of impact analysis to consider – policy impact analysis and security impact analysis. Policy impact analysis refers to generating a report that indicates each policy rule’s impact on your production. It is especially important for avoiding system downtime caused by configuration changes. The second type of impact analysis is Security Impact Analysis.

Read Post

CalCom

Read more about Ultimate Guide to Security Impact Analysis: Essential Checklists

What is SCA (Software Composition Analysis) software?

Jan 26, 2024 By GitGuardian In GitGuardian

SCA or Software Composition Analysis is an important security tool that helps you understand how your application is made up. Our software is built from open-source components and these components can have vulnerabilities or simply be malicious. SCA scans our applications to identify these components and lets us know if there are vulnerabilities or issues within it. In this short video we explain what SCA tools are and how they work as well as there role in application and cyber security.

View Video

GitGuardian

Read more about What is SCA (Software Composition Analysis) software?

Windows Password Guidelines: Updated Best Practices for 2024

Jan 25, 2024 By Keren Pollack In CalCom

Setting and enforcing a policy for strong passwords should be a top priority for organizations in their cyber hygiene practice. Best practices and recommendations keep being updated since this issue is so critical for attack prevention. In fact, compromised passwords are responsible for 81% of successful attacks.

Read Post

CalCom

Read more about Windows Password Guidelines: Updated Best Practices for 2024

Shield GKE's Achilles Heel using RBAC

Jan 25, 2024 By Ben Hirschberg In ARMO

If you’re using GKE (Google Kubernetes Engine), you should be extremely cautious when adding roles to the system:authenticated group because anyone with a Gmail account can access your cluster.

Read Post

ARMO

Read more about Shield GKE's Achilles Heel using RBAC

Hardening Tools 101

Jan 24, 2024 By Keren Pollack In CalCom

Server hardening refers to the actions performed to reduce the server OS and application attack surface. this is done by changing the default configurations of the system’s components (servers, applications, etc.) and removing unnecessary components. Out of the box, Server OS are more function-oriented rather than for security, which means that unnecessary functions are enabled. Default, insecure configurations reflect a potential attack vector.

Read Post

CalCom

Read more about Hardening Tools 101

Five Ways Your CI/CD Pipeline Can Be Exploited

Jan 24, 2024 By Greg Bulmash In GitGuardian

CI/CD pipelines can be exploited in a number of ways and we're going to share a few with you.

Read Post

GitGuardian

Read more about Five Ways Your CI/CD Pipeline Can Be Exploited

Snyk & IAG

Jan 24, 2024 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Snyk & IAG

How MITRE Attack Mapping & CIS Control Mapping Fortify Your Network

Jan 23, 2024 By John Gates In CalCom

A correlation between ATT&CK Mitigations and CIS Controls, often termed as a ‘high-level’ mapping, show case the count of mapped ATT&CK (Sub-)Techniques within each ATT&CK Mitigation. Additionally, it provides the total number of ATT&CK (Sub-)Techniques associated with the respective ATT&CK Mitigation. Mitre attack mapping accurately and consistently maps adversary behaviors relevant to ATT&CK techniques as part of cyber threat intelligence (CTI).

Read Post

CalCom

Read more about How MITRE Attack Mapping & CIS Control Mapping Fortify Your Network

Overcoming CVE Shock with Effective Kubernetes Vulnerability Scanning

Jan 23, 2024 By Oshrat Nir In ARMO

ARMO’s new feature revolutionizes Kubernetes vulnerability scanning based on eBPF technology to help Kubernetes and DevSecOps practitioners focus on fixing the vulnerabilities that impact their security posture the most.

Read Post

ARMO

Read more about Overcoming CVE Shock with Effective Kubernetes Vulnerability Scanning

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Ultimate Guide to Windows Task Scheduler Hardening

Ultimate Guide to Security Impact Analysis: Essential Checklists

What is SCA (Software Composition Analysis) software?

Windows Password Guidelines: Updated Best Practices for 2024

Shield GKE's Achilles Heel using RBAC

Hardening Tools 101

Five Ways Your CI/CD Pipeline Can Be Exploited

Snyk & IAG

How MITRE Attack Mapping & CIS Control Mapping Fortify Your Network

Overcoming CVE Shock with Effective Kubernetes Vulnerability Scanning

Monthly Archive

Follow Us