We have most certainly been adding fuel to the fire, this is easily the biggest update we have had all year! We continue to add team members and our engineering capability is growing. The list of improvements and new capabitliite is too much to try and summarize, you will have to read the release notes below.
We all know how hard it is for companies to fill open cybersecurity positions. But is the situation improving? What are the root causes of the problem? And most importantly—what can be done about it?
CI/CD pipeline attacks are a growing threat to enterprise security. In this article, we’ll provide an overview of CI/CD for non-developers, discuss the cybersecurity issues involved, and offer some recommendations for developers, companies, and security teams.
The team at LimaCharlie continues on its mission to develop the concept of Security Infrastructure as a Service. We added three new team members during the month of June with more coming! We also hosted a webinar on securing your CI/CD pipeline built around some new capabilities we added which allow for the ingestion and monitoring of GitHub audit logs. You can watch a recording of that webinar here: SecDevOps & LimaCharlie - Automating and auditing of GitHub access
The market for cybersecurity solutions is changing, but the way vendors sell security products seems stuck in the past. There’s a lot that can be said about this, but here we want to raise an issue that isn’t talked about enough: Is cybersecurity sales culture, itself, bad for cybersecurity?
Please introduce yourself and tell us what you do, and what your company does. I’m Kimber Dowsett and I’m a Director at Krebs Stamos Group(KSG). We conduct cybersecurity consultancy engagements for high-profile organizations that may or may not have experienced a high-profile breach or acquisition, or simply want a world-class assessment of their org’s overall security posture.
Endpoints as well as applications such as AWS, Google Cloud, Office 365, 1Password, Slack, and thousands of others produce vast amounts of data. The volume of security data is growing, and this growth will continue for the foreseeable future. This, in turn, leads to several challenges: To solve these problems, many companies have adopted Splunk as their SIEM (security information and event management) platform.
