Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

datadog

Monitor Slack audit logs with Datadog Cloud SIEM

Sep 27, 2024 By Vera Chan In Datadog
Millions of enterprise users rely on Slack every day as their primary tool for instant communications and information sharing. Because of its central role in operations, Slack inevitably handles sensitive data and critical business information—which also makes it a high-value target for attackers. For this reason, it’s critically important for security teams to detect and respond to security threats against Slack.
Read Post
Snyk

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

Sep 27, 2024 By Jim Armstrong In Snyk
On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities, however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.
Read Post
graylog

What is NIST 800-53?

Sep 27, 2024 By Jeff Darrington In Graylog
Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.
Read Post
ignyte Team

When Is ISO 27001 Considered Mandatory? 5 Examples

Sep 27, 2024 By Max Aulakh In Ignyte
ISO 27001 is the international standard for information security and protection. It’s roughly equivalent to similar infosec frameworks in the United States, like FedRAMP and CMMC, but the international development, maintenance, and scope of the ISO framework makes it much more commonly seen outside of US Government contracting. In the US, it’s clear that a security framework mandated by the government is required when working as a contractor for the government. What about ISO 27001?
Read Post
safeaeon

SaaS Security Posture Management/SSPM: A Must-Have for Securing Your SaaS Applications

Sep 27, 2024 By SafeAeon Inc. In SafeAeon
As more companies adopt Software-as-a-Service (SaaS) apps, keeping these cloud-based systems secure has become crucial. While SaaS offers convenience, scalability, and flexibility, it also introduces significant security risks. Organizations must actively monitor and control the security of their SaaS environments. SaaS Security Posture Management / SSPM is becoming an essential tool for this task.
Read Post
persona

Business impersonation: is your KYB strategy up to the challenge?

Sep 27, 2024 By Jeff Sakasegawa In Persona
A webinar recap with Bolt and About Fraud. Jeff Sakasegawa is Persona's trust & safety architect. Prior to Persona, Jeff worked in fraud and compliance operations at Square, Facebook, and Google. Jeff Sakasegawa is Persona's trust & safety architect. Prior to Persona, Jeff worked in fraud and compliance operations at Square, Facebook, and Google.
Read Post
astra

How to Conduct Web App Penetration Testing?

Sep 27, 2024 By Jinson Varghese In Astra
Web application penetration testing is a comprehensive and methodological process that leverages various tools and techniques to identify, analyze, and prioritize vulnerabilities in the application’s code and configurations. It goes beyond basics to find interlinked business logic vulnerabilities before attackers can gain unauthorized access to sensitive data, disrupt operations, or steal user data.
Read Post
securitysenses

Cybersecurity in Web Development: Best Practices for Secure Sites

Sep 27, 2024 By SecuritySenses In SecuritySenses
Creating a website takes more than designing it to be visually appealing and user-friendly. Due to increased cyber threats, web developers have a challenge on their hands as they are required to observe security measures for both the users and the website. There is a high possibility of incurring costs due to reputation loss and business losses due to security breaches, thus emphasizing the need for the incorporation of security into every stage of web development. Everything must be perfectly safe, so we decided to ask professionals from paspartoo.com what things really matter.
Read Post
securitysenses

AI and License Plates: A Game-Changer for Vehicle Tracking

Sep 27, 2024 By SecuritySenses In SecuritySenses
You know how in those spy movies, they always seem to magically identify cars zipping by? Well, it's not just Hollywood magic anymore. Thanks to AI, license plate recognition has come a long way from the days of squinting cops with notepads. Let's dive into this tech that's shaking up everything from parking lots to police work.
Read Post
securitysenses

Best Practices for Managing an Enterprise Integration Platform

Sep 27, 2024 By SecuritySenses In SecuritySenses
Integration management is critical for organisations to smoothen their operations and communications among different systems. Proper management will ensure that integration processes are competent, secure, and scalable. This article identifies key best practices that any organisation should apply in managing an integration platform, focusing on API integration platforms and system integration platforms.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.