Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Reducing vulnerability noise with Sysdig

Apr 20, 2022 By Sysdig In Sysdig
Reduce vulnerability noise by up to 95%, and focus on what matters with Sysdig. If you feel overloaded with vulnerabilities from container images, then you’re not alone! It's common for DevOps teams to spend hours scrolling through hundreds of vulnerabilities even when just a small fraction poses a real risk. So how do you focus on the vulnerabilities that really matter? Sysdig Secure automatically prioritizes the vulnerabilities that are tied to packages exposed at runtime. Filtering thousands of overwhelming alerts down to only the critical ones that you should spend your time on!
View Video
SecurityScorecard

The Caller is Coming from Inside the House!

Apr 20, 2022 By SecurityScorecard In SecurityScorecard

SecurityScorecard’s own Ondrej Krehel talks with News 12 in New York about how to protect yourself from what might be the most surreal spam number of all—your own. Most of us are used to getting spam texts: You’ve paid your bill, click this link for a free gift! You’ve won the sweepstakes, click here to redeem! It’s no surprise that nothing good comes from clicking those links.

Read Post

The Impact of New Federal Banking Regulation

Apr 20, 2022 By SecurityScorecard In SecurityScorecard
Let’s talk about the new federal bank regulation that goes into effect in April 2022. It will require organizations to notify about a breach within 36 hours, which is the shortest breach notification reporting requirement of any law to date. The clock starts ticking when the organization determines that an incident has occurred. A serious computer incident is usually defined as an incident that materially disrupts or degrades the performance of an organization.
View Video

Coffee Talk with SURGe: 2022-APR-19 MS-RPC Vulnerability, Lazarus, Pipedream

Apr 20, 2022 By Splunk In Splunk
This week Audra Streetman, Ryan Kovar, and Mick Baccio from Splunk discussed the latest security news, including the MS-RPC vulnerability CVE 2022 26809, a CISA alert about the North Korean state-sponsored Lazarus Group, and Sunday's 60 Minutes episode on the threat of Russian cyberattacks targeting U.S. critical infrastructure. Mick and Ryan also competed in a 60 second charity challenge to explain why Americans should be concerned about the potential for a Russian cyberattack targeting U.S. critical infrastructure.
View Video

[Thoughtleadership webinar] The emerging cyber threat and attack trends of 2022 with Bryan Seely

Apr 20, 2022 By ManageEngine In ManageEngine
Tune in to this webinar featuring ManageEngine product expert, Ganesh, and cybersecurity expert and ethical hacker, Bryan Seely, to understand the emerging cyber threat trends in 2022, and how organizations can stay on top of attacks with a solid PAM programme.
View Video

Network Evidence For XDR

Apr 20, 2022 By Corelight In Corelight
XDR - Extended detection and response - promises to integrate data from any source to stop today's sophisticated and often automated attacks. The key is: Which source? Register for this exclusive session for insights on why network evidence must be a key part of your XDR strategy. Topics to be discussed include how to: Walk away with new ideas on how to stay ahead of ever-changing attacks by using a data-first strategy for detection and response.
View Video
jfrog

Wolves or Sheep: How Xray Avoids False Positives in Vulnerabilities Scans

Apr 20, 2022 By Paul Garden In JFrog

You probably know the story of “the boy who cried ‘Wolf!’” In the ancient fable, villagers tire of a shepherd’s false alarms, and stop paying attention to them. That’s a lesson for software security teams, not just schoolchildren. Raising concerns about threats that turn out to be flimsy or false erodes the trust that binds your department, and even the faith your customers have in you.

Read Post
Snyk

The ultimate guide to Python pickle

Apr 20, 2022 By Thomas Daniels In Snyk

During application development, we often need to persist complex data (like objects) for use in different runtimes. However, maintaining persistence within complex data structures and objects is far from straightforward. In Python, you can use the built-in pickle library to handle this process. Pickle can serialize a Python object into a flat byte stream (pickling) as well as transform a byte stream back into a Python object (unpickling).

Read Post
teleport

Alternatives to a Corporate VPN

Apr 20, 2022 By Shivashish Yadav In Teleport

Many businesses use virtual private networks (VPNs) to provide secure remote access to their systems, but this has increasingly become a liability as more people switch to remote work. The greater demands placed on VPNs to offer safe access can expose organizations and employees to security vulnerabilities. In order to better protect their data and systems, organizations may need to seek alternatives to VPNs.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.