Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

jfrog

Part II: A Journey Into the World of An Automated Security Operation Center (SOC)

Mar 17, 2022 By Dana Rozen In JFrog

Security operation teams continuously aim to focus on two main things: 1. Real cyber security threats (also known as “True Positive Alerts”), and 2. Reducing response time, especially when you have so many different sources to monitor. However, in reality, we deal with hundreds of security alerts on a daily basis, many of which are false positives that waste our valuable time. This is where incident response/security automation becomes a requirement rather than nice to have.

Read Post
outpost 24

Opensource from hell: malicious JavaScript distributed via opensource libraries, again

Mar 17, 2022 By Martin Jartelius In Outpost 24

It’s open source, anyone can audit it, but is it safe? In this blog our CSO explores why distribution of malicious scripts via libraries is causing a stir amongst the open-source community and how you can defend against it.

Read Post
sysdig

Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O

Mar 17, 2022 By Stefano Chierici In Sysdig

A new vulnerability CVE-2022-0811, alias cr8escape, with CVSS 8.8 (HIGH) has been found in the CRI-O container engine by Crowdstrike. This vulnerability can lead to arbitrary code execution. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines is affected as well, including Kubernetes and OpenShift (version 4.6 to 4.10).

Read Post

What to Expect from a Managed Security Service (MSS)

Mar 17, 2022 By Cyphere In Cyphere
Organisations are increasingly turning to managed security service (MSS) providers to outsource their cybersecurity. But what should you expect from an MSS? This video provides an overview of the benefits, features and services offered by MSS providers.#managedsecurity #MSS Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.
View Video
Snyk

How to do password encryption in Java applications the right way!

Mar 17, 2022 By Brian Vermeer In Snyk

There are multiple types of encryption and most ecosystems and languages come with many libraries to help you encrypt the data. The question nowadays is, what type of encryption should I pick for the problem. This article will focus on encrypting passwords for Java applications specifically. While we can apply the main principles to any ecosystem, we will explore examples and libraries in Java that are useful for your daily job.

Read Post
Arctic Wolf

Conti Ransomware: An Analysis of Key Findings

Mar 17, 2022 By Arctic Wolf In Arctic Wolf
Amidst the turmoil of the Ukraine-Russia conflict, incident responders and ransomware researchers observed several ransomware gangs publish statements on their dark web blog sites. Some actors asserted the apolitical nature of their operations, while others clearly favored a side. Most notably, the Conti ransomware group posted a public statement in support of Russia with a stern warning of retaliation on February 25, 2022.
Read Post
devo

4 Questions to Ask About Building a Security Operations Center

Mar 17, 2022 By Devo In Devo

Building an in-house security operations center represents a significant commitment, both financially and strategically, to securing your enterprise. According to the 2021 Devo SOC Performance ReportTM — which is based on the results of a survey of more than 1,000 security practitioners — 73% of respondents said their SOC was “very important” or “essential” to their organization’s overall cybersecurity strategy.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.