Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

nightfall

Is Slack Secure from Threat Actors & Hackers in 2023?

Nov 22, 2022 By Michael Osakwe In Nightfall

When Uber was breached in September, the hacker remained undetected until they announced their presence within the org via Slack. This incident provides yet another example of Slack being leveraged by an attacker. In this post, we’re going to review some of the ways attackers have used Slack in breaches, why this is happening, and what you can do about it.

Read Post

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

Nov 22, 2022 By CrowdStrike In CrowdStrike
CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.
View Video
Trustwave

Evolution of the SOC - From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program

Nov 22, 2022 By Trustwave In Trustwave

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program How important is the Security Operations Center (SOC) to a business and a security leader's overall success? The answer is a bit cloudier than one would believe, given the length of time the SOC has been part of our security program lexicon.

Read Post
netskope

What Does The Twitter Chaos Tell Us About The Security Of Our Data?

Nov 22, 2022 By Richard Davis In Netskope

What a few weeks it has been for Twitter, from the sacking of half its workforce, and the rushed release of a new feature that allows impersonation of people and brands, through to the unintentional lock out of some users with a certain multi-factor authentication (MFA) configuration enabled. Added to this, we have also seen major resignations of key individuals across the Information Security, Privacy and Compliance groups.

Read Post
mend

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Nov 22, 2022 By Adam Murray In Mend

The ongoing growth in the adoption of cloud services poses escalating opportunities and risks in equal measure. The increased capacity and scalability of cloud environment lends itself to an accelerated pace and higher volume of software and application development than ever before. This trend brings into play a huge increase in the number of software components and dependencies that developers use in their code bases.

Read Post
splunk

The CISO Role: What Does a Chief Information Security Officer Do?

Nov 22, 2022 By Stephen Watts In Splunk

With the high rate of cyberattacks today, the role of a chief information security officer (CISO) has become more important — and much more visible. Businesses have been forced to invest in guarding their infrastructures, networks and sensitive data. This blog post will take a look at the basics of a CISO, as well as the CISO's main tasks and responsibilities.

Read Post

Coffee Talk with SURGe: RansomBoggs, Log4Shell Exploitation, Medibank Update, Twitter E2EE Messaging

Nov 22, 2022 By Splunk In Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge about network surveillance. The group also discussed the possibility of Twitter implementing end-to-end encrypted messaging on the platform.
View Video
Internxt

Phishing Isn't Just an Email Problem... How To Protect Your Business From Phishing

Nov 22, 2022 By Internxt Contributor In Internxt
Don’t panic, but phishing assaults increased by 350% since the pandemic. Phising is one of the most prevalent and effective online con games. To put the scale of the damage it causes into perspective, phishing brings in $1 trillion more a year than Walmart’s total sales. Please, remain calm! When you hear 'phishing,' your first thought that probably comes to mind is 'emails.' Phishing attacks frequently go through emails in the guise of files, PDFs, hyperlinks, and other formats.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.