Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

graylog

A Guide to Digital Forensics and Incident Response (DFIR)

Jun 26, 2023 By The Graylog Team In Graylog
When you engage in a security incident investigation, you need to quickly sift through vast quantities of data. In that moment, tracking your attacker, containing the attack, and identifying the root cause are the activities that matter most. However, in an attack’s aftermath, the digital recovery process and post-incident paperwork becomes your new nightmare.
Read Post
upguard

Preparing for CMMC Compliance: Tips and Best Practices

Jun 26, 2023 By Kyle Chin In UpGuard
‍The Cybersecurity Maturity Model Certification (CMMC) is a cyber program and security framework used by the US Department of Defense (DoD) to measure firms’ cybersecurity maturity. All DoD contractors working with the federal government must comply with this program by 2025. CMMC compliance demands that DOD contractors pass an external CMMC assessment carried out by an approved CMMC Third Party Assessment Organization (C3PAO) for all but the lowest level of CMMC certification.
Read Post
upguard

What is a Third-Party Breach? Definition & Tips for Reducing Risk

Jun 26, 2023 By Kyle Chin In UpGuard
A third-party data breach refers to a data breach that has occurred through a third-party company. In a third-party data breach, the vendor or supplier’s system has been compromised and used to steal data that belongs to you. A third party can be defined as an organization with which your organization has entered into a business relationship to provide goods, access, or services for your use.
Read Post

CrowdStrike Takes On Spyboy's "Terminator"

Jun 26, 2023 By CrowdStrike In CrowdStrike
On May 21, 2023, a new threat actor named Spyboy emerged, advertising a tool known as “Terminator” in a Russian-language forum, claiming the software could bypass over 20 common AV and EDR controls. CrowdStrike automatically blocked this executable, categorizing this as a high-severity detection, enabled by our AI-powered indicators of attack.
View Video
Zenity

Remediation Ballet Is a Pas de Deux of Patch and Performance

Jun 26, 2023 By Michael Bargury In Zenity

Generative AI capabilities continue to make their way into every organization, with increasingly useful ways of helping employees and contractors be more productive. This includes advancing how fully automated vulnerability remediation works, and with the power of generative AI, is able to take into account unique environments and uses in real-time.

Read Post
Snyk

Maximizing IAM security with AWS permissions boundaries and Snyk

Jun 26, 2023 By Wayne Crissman In Snyk

In today's rapidly evolving cloud landscape, managing permissions and ensuring robust security controls are essential for organizations utilizing Amazon Web Services (AWS). AWS Identity and Access Management (IAM) is crucial in managing permissions to access AWS resources. While IAM provides granular control over permissions, AWS IAM permissions boundaries offer additional security and flexibility for fine-tuning access controls.

Read Post

Encryption Backdoors: Balancing Security and Privacy

Jun 26, 2023 By Razorthorn In Razorthorn
Join us in this thought-provoking video as we delve into the heated debate surrounding encryption backdoors. Should technology companies be compelled to create backdoors in their encryption systems to enable surveillance and facilitate investigations? We explore the arguments for and against this contentious issue, considering the need for security while preserving individual privacy. We also address concerns about government overreach and historical instances where privacy has been compromised. Learn about executive orders such as EO 1227 and the implications they have on mass surveillance and privacy rights. Engage in the conversation and share your perspective on this crucial topic that impacts us all.
View Video
sumologic

Responding to remote service appliance vulnerabilities with Sumo Logic

Jun 26, 2023 By Anton Ovrutsky In Sumo Logic
For those responsible directly or indirectly for the cyber defense of their organizations, June 2023 is proving to be an extremely challenging month. In this month alone, vulnerabilities were discovered in various appliances, ranging from CVE-2023-27997 impacting FortiGate devices to CVE-2023-35708 impacting MOVEit Transfer software as well as the exploitation activity discovered of Barracuda appliances via CVE-2023-2868.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.