Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Tines
Securing Your Cloud Infrastructure with Azure & Tines
In the third instalment of "Tines, securing your cloud infrastructure" we look at two stories designed to save money and resources and close potential security gaps in your Azure environment. Firstly, we'll address the task of 'Updating groups assigned to a user in Azure Active Directory' which allows admins to update a user's group membership in Azure Active Directory. This is essential for adding extra security to accounts flagged for suspicious activity and protecting the team & company as a whole.
Securing your cloud infrastructure with Tines & Azure
In the third instalment of "Tines, securing your cloud infrastructure" we look at two stories designed to save money and resources and close potential security gaps in your Azure environment.
Using automated workflows to reach zero trust goals faster
In an ideal approach to zero trust, in which every user and device must continually prove their identity, automation is more than a useful tool, it’s essential to your federal agency’s success. You don’t need to take our word for it - security automation and orchestration is mandated by M-22-09 and M-21-31, and forms an integral part of the framework in CISA’s ZTMM (zero trust maturity model).
"Crawl, walk, run into zero trust": a Q&A with Elastic's John Harmon
We sat down with John to tap into his 20+ years of experience in federal security, and explore the most pragmatic approaches to zero trust, along with some pitfalls to avoid.
How federal agencies can build their zero trust security tech stack
Few would argue that zero trust has become one of the most important principles of modern cybersecurity programs. But ever since the concept of zero trust security was first popularized by Forrester in 2009, many federal government agencies in the United States (along with private sector companies) have struggled to understand its requirements and implement it effectively. Critically, zero trust does not represent a single security method or a type of technology.
Building and managing malware analysis labs with Tines workflows
Understanding malware is essential to defending an organization against attacks. Analyzing suspicious applications helps us determine if an alert is a false positive, and the information discovered can be used to help remediate an incident or strengthen a system's defenses against further attacks.
Friday Flows Episode 20: Regularly Update Insecure AWS EC2 Security Groups
Launching an AWS EC2 instance can be done in seconds, but are they being set up securely for success? In today's Friday Flows, Michael Tolan helps us celebrate the 700th Tines Story Library addition with a look at a customer submitted workflow to audit and remediate default security groups for virtual machines in AWS.
Friday Flows Episode 19: Manage CrowdStrike IOCs in Slack
Analyst’s often take in IOCs from many different sources and manually copy & paste them into security tools to search for them across environments or add them to blocklists. This can be time-consuming & repetitive. This Friday Flows features a workflow that utilizes APIs to easily manage IOC’s in CrowdStrike & collaborate with peers in Slack.
The 9 best security podcasts, according to practitioners
Security teams are busier than ever, so it’s no surprise that practitioners are using podcasts to keep up to date with cybersecurity news, ideas, and tools. The data backs this one up - according to the 2023 Voice of the SOC report, 83% of security professionals listen to at least one security podcast. So which podcasts are practitioners listening to? Our report, which surveyed 900 security professionals in the US and Europe, identifies 9 frontrunners.