Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Meeting the Challenges of Remote Work with Chrome OS Policy Settings - Part I

Many organizations, from enterprises to small businesses and schools, are focusing efforts on distance working and learning. One significant hurdle for those who are suddenly tasked with supporting remote users is the question of how to manage a fleet of new endpoints. One appealing solution for managing all these new remote users is to use Google Chromebooks.

CISO: What the Job REALLY Entails and How It's Evolved over the Years

All of us know what a Chief Information Security Officer (CISO) does from afar. A CISO upholds the organization’s overall security by overseeing the operations of the IS practice, the IT security department and related staff. In this capacity, those who become a CISO attain the highest paying job in information security, as it carries the associated responsibility of enabling business in a fast-evolving threat landscape. But is there more to this job than that description is letting on?

Mitigating the Risks of Instance Metadata in AWS EKS

Compromising a pod in a Kubernetes cluster can have disastrous consequences on resources in an AWS Elastic Kubernetes Service (EKS) account if access to the Instance Metadata service is not explicitly blocked. The Instance Metadata service is an AWS API listening on a link-local IP address. Only accessible from EC2 instances, it enables the retrieval of metadata that is used to configure or manage an instance.

Improve Workflow Collaboration with Slack Integration for ZenGRC

Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.

Aviation cybersecurity: Hurdles of staying secure on the ground and at 36,000 feet

Digitization has made its way into every industry. With this shift comes many benefits as well as the risk of a cyber attack. This is especially true in aviation. No matter how securely companies can build networks to ward off cyber attacks, the risk is never absent. With planes operating thousands of feet off the ground — often full of commercial passengers — a digital attack can potentially cost lives as well as millions in damages.

Secure and monitor your containers on Bottlerocket from AWS

Sysdig is pleased to support AWS today in their GA launch of Bottlerocket, a special-purpose operating system designed for hosting Linux containers. Orchestrated container environments run potentially hundreds of compute nodes. Operating general-purpose Linux on container hosts introduces complexity for IT teams who must patch and update packages across their clusters. Worse, features and packages that are not necessary for running containers, introduce unnecessary security exposure.

SCM in Practice: How to Strengthen Your Organization's Security Processes

Security configuration management (SCM) involves maintaining a secure baseline configuration for an organization’s systems and monitoring those assets for deviations from that baseline. This fundamental control pairs well with other elements of an organization’s security strategy. As such, SCM enables security teams to harden their organization’s cloud workloads, industrial environments and other IT assets against digital threats.

What are the Types of Reports on a SIEM Solution?

A Security Information and Event Management (SIEM) solution collects log data from numerous sources within your technical infrastructure. This acquisition and normalization of data at one single point facilitate centralized log management. It allows businesses to generate reports containing security information about their entire IT infrastructure. Reporting, out of many benefits of a SIEM solution, also helps businesses in fulfilling their documentation and compliance requirements.