A few days ago, security researcher Max Kellermann published a vulnerability named DirtyPipe which was designated as CVE-2022-0847. This vulnerability affects the Linux kernel and if exploited, can allow a local attacker to gain root privileges. The vulnerability gained extensive media follow-up, since it affects all Linux-based systems with a 5.8 or later kernel, without any particular exploitation prerequisites.
The Federal Risk and Authorization Management Program (FedRAMP) has been in place for just over a decade (2011). Its purpose is to provide a “cost-effective, risk-based approach for the adoption and use of cloud services” by the federal government. This is to equip and enable federal agencies to utilize cloud technologies in a way that minimizes risk exposure through security and protection of federal information and processes.
California Consumer Privacy Act is a data privacy regulation established in the US. Achieving and maintaining compliance with the regulation can be overwhelming for organizations. But with the right understanding of the CCPA Compliance regulation and adhering to the compliance requirements, achieving compliance can be easy. So, explaining the regulation in detail we have shared an informative checklist that organizations can refer to as steps to achieve CCPA compliance.
Businesses today have many tools in their security stack and security teams find themselves spending too much time managing the tools and not enough time tackling business-critical projects. Security tool overload creates internal challenges and distracts from the primary business mission. How can companies better protect themselves while staying on track to achieve goals?
The benefits of a capable and properly deployed File Integrity Monitoring (FIM) solution are plentiful: And the importance of FIM cannot be understated. Let’s not forgot what the Center for Internet Security (CIS) says in its Distribution Independent Linux Benchmark version 2.0.0.
Just days after Russia launched its invasion against the people of Ukraine, news reports emerged of several cyberattacks. Deployed systematically ahead of the land invasion, Russian cyberattacks against Ukraine have rendered Ukrainian banks, government departments and other core services unavailable through the use of sophisticated ‘data wipers
Gartner® recently predicted that “By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform."* If you don't know what SSE is, you should read my colleague Sundaram Lakshaman’s breakdown of SSE and Secure Access Service Edge (SASE). The gist of it is that SSE is the convergence of security technologies inside the SASE framework.
