Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

mend

Mend.io Launches Mend Container

Mar 19, 2024 By AJ Starita In Mend
While cloud-native development brilliantly solves problems related to scalability and effective resource use, a more complex architecture and new security challenges come along for the ride as well. The added layer of abstraction of container architecture can make tracking down vulnerabilities and poorly stored secrets, assessing true risk, and enforcing policies difficult for security teams using only traditional AppSec tools.
Read Post
cyberhaven

The cubicle culprits: how in-office employees are leading the charge in corporate data exfiltration

Mar 19, 2024 By Cameron Coles In Cyberhaven
In the wake of evolving work arrangements, the spotlight often falls on remote and hybrid employees as potential threats to data security. Yet, our latest research uncovers a surprising twist in the narrative. It’s the in-office employees, traditionally considered the safest bet, who are now leading the charge in corporate data exfiltration.
Read Post
securitysenses

Mahjong Titans: Understanding Its Popularity and Appeal

Mar 19, 2024 By SecuritySenses In SecuritySenses
Ever asked yourself how some games manage to remain popular for decades and appeal to people of different ages because of their charisma and level of difficulty? Mahjong Titans is one of those games that can be seen even in the digital space today, and it still manages to captivate and amuse people. It contains elements of strategy, requires agility, as well as depends on fortune - all of which explain why it is so interesting and popular. However, what is it about Mahjong titans which makes many people love it?
Read Post
CalCom

How LDAP is used in Active Directory

Mar 18, 2024 By Keren Pollack In CalCom
The primary protocol employed within Microsoft’s Active Directory(AD) is Lightweight Directory Access Protocol (LDAP). While LDAP serves as a fundamental component in AD, its application extends beyond, enabling user authentication in various tools and client environments. This includes Red Hat Directory Servers on UNIX systems and OpenLDAP, an open-source application used on Windows platforms.
Read Post
algosec

Why misconfigurations continue to plague public cloud network services and how to avoid them?

Mar 18, 2024 By Oren Amiram In AlgoSec
Oren Amiram, Director of Product at AlgoSec, explains why misconfigurations continue to plague public cloud network services and how organizations can address these shortfalls with AlgoSec Cloud. Cloud security as a strategy is constantly evolving to meet the needs of organizations for scale, agility, and security. If your organization is weighing the merits of the use of public cloud versus private cloud, here are a few facts to keep in mind. Data shows that the public cloud is the preferred choice.
Read Post
knowbe4

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

Mar 18, 2024 By Stu Sjouwerman In KnowBe4
A joint cybersecurity advisory published last week discusses ransomware attack impacts on healthcare, along with ALPHV’s attack techniques, indicators of compromise (IoCs) and proper response actions. ALPHV is a big enough problem that Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health and Human Services (HHS) all are getting together to put healthcare organizations on notice.
Read Post
vista infosec

PCI DSS Requirement 12 - Changes from v3.2.1 to v4.0 Explained

Mar 18, 2024 By Ronak Patel In VISTA InfoSec
Welcome to our latest blog post where we delve into the intricacies of the Payment Card Industry Data Security Standard (PCI DSS) Requirement 12. This requirement, which focuses on maintaining an Information Security Policy, is a cornerstone of the PCI DSS framework. It outlines the need for comprehensive policies and programs that govern and provide direction for the protection of an entity’s information assets.
Read Post
ignyte Team

ConMon: FedRAMP Continuous Monitoring and How It Works

Mar 18, 2024 By Ignyte Team In Ignyte
ConMon: FedRAMP Continuous Monitoring and How It Works Obtaining a software approval with the federal government and its agencies as a contractor and obtaining an Authority to Operate (ATO) is not a one-time process. We’re not just referring to the need to recertify annually and pass occasional audits. We’re talking about an additional part of the process, the final part of the NIST Risk Management Framework: Monitoring.
Read Post
ignyte Team

What is OSCAL and Why Does It Matter for NIST and FedRAMP?

Mar 18, 2024 By Ignyte Team In Ignyte
What is OSCAL and Why Does It Matter for NIST and FedRAMP? Complying with federal cybersecurity guidelines is a difficult task. Unfortunately, many contractors and cloud service providers take a rather lax view of compliance, and it’s an all-too-common scenario for a company to build up standards and practices for audit time and let them slip immediately thereafter until the lead-up to the next audit. Part of this is simply the immense complexity of cybersecurity.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.