Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

ManageEngine launches M365 Security Plus, an exclusive security solution for Microsoft 365

Data is the cornerstone of most businesses. Companies handle a substantial amount of data every day, and just one data breach can result in compliance violations, lawsuits, and more, costing the company thousands of dollars. Here at ManageEngine, we believe that part of what makes a business successful is having an efficient security solution. Taking that one step further, we have designed the perfect security solution for Microsoft 365: M365 Security Plus.

AlienApps and plug-ins combined into one framework

The heart of any detection and response solution is the ability to collect events from the environment, perform corrective response actions, and integrate with customer workflows. Today, we’re proud to announce the launch of a complete redesign of the user interface for these third party integrations.

License Compatibility: Combining Open Source Licenses

Free and open source software (FOSS) components have become the basic building blocks of our software products, helping today’s developers build and ship innovative products faster than ever before. Many developers tend to forget that while open source licenses are free, they still come with a set of terms and conditions that users must abide by.

Detecting Windows Persistence

Persistence is effectively the ability of the attacker to maintain access to a compromised host through intermittent network access, system reboots, and (to a certain degree) remediation activities. The ability of an attacker to compromise a system or network and successfully carry out their objectives typically relies on their ability to maintain some sort of persistence on the target system/network.

How to Implement Network Policy in Amazon EKS to Secure Your Cluster

By default, pods are non-isolated; they accept traffic from any source. The Amazon EKS solution to this security concern is Network Policy that lets developers control network access to their services. Amazon EKS comes configured with Network Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network policy and a live demo implementing each use case.

Breaking Down Risky Open Source Libraries by Language

You work hard to produce quality applications on tight deadlines, and like every other development team out there, that often means relying on open source code to keep projects on track. Having access to plug-and-go code is invaluable when you’re racing the clock, but the accessibility of open source libraries comes with a caveat: increased risk.

Integrating the Risk Management Framework (RMF) with DevOps

Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) after passing a risk-based cybersecurity assessment.

Threat hunting capture the flag with Elastic Security: BSides 2020

Last month, members of the Elastic Security team hosted a threat hunting capture the flag (CTF) event at BSides SATX. We provided the community with an environment to learn and practice threat hunting with our team, and cultivated new relationships with attendees. By sharing information with security practitioners, we can help prepare them to defend their organization’s data from attack through knowledge transfer.

Audit Checklist for SOC 2

If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certification are the goals of a SOC 2 audit. Because the integrity, confidentiality, and privacy of your customers’ data are on the line, they’ll want you to prove that you have the internal controls in place to protect that data. The SOC 2 compliance audit gives them that assurance.