Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Enhancing Observability in DevSecOps

Digital transformation often accelerates innovation at the expense of creating an intelligence gap with massive amounts of unanalyzed data. This is where Continuous Intelligence comes into play. Join Sumo Logic’s Systems Engineer, Suresh Govindachetty, as he demonstrates how Continuous Intelligence helps find and solve information gaps, and how a single platform approach allows organisations to combine devs, operations, and security in ways that ease the burden for all teams across the organisation.

How to Set Up Kubernetes SSO with SAML

Kubernetes has some impressive baked-in role based access controls (RBAC). These controls allow administrators to define nuanced permissions when querying Kubernetes resources, like Pods, Deployments, ReplicaSets, etc. For those familiar with Kubernetes, the value of RBAC is immediately recognizable. A single Kubernetes cluster can contain your organization’s entire CI/CD pipeline, highly available SaaS products, or infrastructure that is in the process of being moved to the cloud.

Barnes & Noble warns customers it has been hacked, customer data may have been accessed

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. In the email to customers, Barnes & Noble says that it became aware that it had fallen victim to a cybersecurity attack on Saturday October 10th.

Fix now: High risk vulnerabilities at large, October 13th

This time around, the MySQL vulnerabilities caught our attention because of their low CVSS scores compared to their high likelihood risk rating. This is something we see often when working with our customers, and demonstrates how a risk based approach to vulnerability management changes as organizations focus on where there is a real risk of compromise.

The Journey to 7X Search Performance Improvement

Egnyte is used by our customers as a unified platform to govern and secure billions of files everywhere. As the amount of data stored is huge, customers want to search their dataset by metadata attributes like name, user, comments, custom metadata, and many more, including the possibility to find files by content keywords. Taking all of that into consideration, we needed to provide a solution that is able to find relevant content in a fast and accurate way.

Add DLP to Airtable with Nightfall's API platform

Airtable has proven its staying power among tech unicorns as a customizable and collaborative project management platform that empowers users to track literally anything at work or at home. When the company announced its $185 million Series D funding in September, they generated a whole new round of buzzworthy headlines. For security leaders, this means that new requests for adding Airtable to tech stacks are likely on the way.

Making SCA part of your AST Strategy

Open source software is now used in nearly every organization, which makes it critical to know your code. Learn how an SCA tool can help you. There’s an ongoing sea change in how developers ensure a more secure software development life cycle (SDLC). “Shift left” is the notion that creating high-quality software begins with planning and continues through the development and testing stages to actual deployment.

A Few Minutes More: Add Xray DevSecOps to Artifactory Enterprise on Azure

In a prior blog post, we explained how to install or update Artifactory through the Azure Marketplace in the amount of time it takes for your coffee order to arrive on the counter. Now you can add to your self-managed (BYOL) Artifactory deployment Xray, the cream of software component analysis (SCA) tools, through the Azure Marketplace as well.

Event Log Management for Security and Compliance

Security log management is the process of collecting, storing, and correlating the network data that details all activity in your systems and networks. Every action in an organization’s network generates event data, including records produced by operating systems, applications, devices, and users. The Center for Internet Security (CIS) identifies log management as a basic control for detecting malicious actors and software hiding in networks and on machines.