Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We recently wrote about npm audit fix, which is an add-on to the excellent npm audit, that has become a fundamental tool for managing software packages in Node.js projects. However, developers working with other languages also require specialized tools for Software Composition Analysis (SCA). At Jit, our tool of choice for SCA scanning across a diversity of programming languages is OSV Scanner, a best of breed OSS solution maintained by Google.

This blog provides detailed steps to show you how to move from VMware to Red Hat OpenShift Virtualization using Red Hat’s MTV Operator (Migration Toolkit for Virtualization Operator). To further help the reader, you can see a video of Trilio for OpenShift here Red Hat OpenShift Virtualization and KubeVirt Backup & Recovery with Trilio, and a whitepaper about Trilio VMware migration to OpenStack Technology-Driven VMware to OpenStack Migration: A Comprehensive Guide.

An ad-hoc query is an unscheduled data inquiry, typically created in response to questions that cannot be addressed using predetermined or predefined datasets. Ad hoc distributed queries utilize the OPENROWSET(Transact-SQL) and OPENDATASOURCE(Transact-SQL) functions for establishing connections with remote data sources employing OLE DB. It’s advisable to employ OPENROWSET and OPENDATASOURCE solely for referencing OLE DB data sources that are accessed on an occasional basis.

Server hardening is a process that secures, essentially “hardening” a server infrastructure reducing the attack surface, which encompasses all potential entry points that unauthorized attackers could exploit. The objective is to enhance protection, minimize vulnerability and improve security posture. Achieving security and compliance requires implementing server hardening as an essential prerequisite. Server hardening is a proactive process that involves.

Digital transformation powers critical infrastructure, the protection of systems is paramount. ThreatQuotient has announced its participation in the vendor affiliate program of the Electricity Information Sharing and Analysis Center (E-ISAC). This collaboration marks a significant step forward in fortifying North America’s electricity grid against cyber threats.

Microsoft Endpoint Manager is a unified, integrated management platform for managing all your endpoints. Endpoint Manager combines services you may know and already be using, including Microsoft Intune, Configuration Manager, Desktop Analytics, Co-management, and Windows Autopilot.

In this week’s episode of The Future of Security Operations podcast, I'm joined by George Griesler. George has been working in cybersecurity since 1997, when he assumed the role of Senior Network administrator at the United States Golf Association (USGA), eventually advancing to Director of Information Security.

Generative AI is an exciting technology that is now easily available through cloud APIs provided by companies such as Google and OpenAI. While it’s a powerful tool, the use of generative AI within code opens up additional security considerations that developers must take into account to ensure that their applications remain secure. In this article, we look at the potential security implications of large language models (LLMs), a text-producing form of generative AI.