Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Securing and Monitoring AWS Container Services

Sep 29, 2020 By Sysdig In Sysdig
Developers, operations, and security teams must work together to address key workflows to secure and monitor containers, Kubernetes and cloud services across the entire cloud-native lifecycle. By addressing mage scanning, runtime security, and compliance, along with monitoring for Kubernetes, container, applications, and cloud services you can automate protection and performance management to accelerate cloud adoption.
View Video
netskope

Leaky Images: Accidental Exposure and Malware in Google Photos and Hangouts

Sep 29, 2020 By Ashwin Vamshi In Netskope

Did you know that the default link sharing option in Google Photos allows anyone with the link to view the files and all images shared in Google Hangouts that are publicly accessible? In this edition of our leaky app series, we will cover how image link sharing in Google Hangouts and Google Photos can lead to the accidental public exposure of sensitive data. We will also look at the threat detection capabilities of Google Photos and Google Hangouts.

Read Post
lookout

Shadow IT shaken with a mobile twist

Sep 29, 2020 By Gert-Jan Schenk In Lookout

If you bring up the topic of “shadow IT” to your head of IT, you will likely get a lecture about how employees need to follow protocol when using cloud cloud services so they don’t put the organization at risk. They’re not wrong. Without proper protection, unsanctioned tools can have significant consequences and unintentionally introduce security gaps.

Read Post
bearer

Measuring Performance in Node.js with Performance Hooks

Sep 29, 2020 By Mark Michon In Bearer

Measuring performance in Node.js applications can sometimes be a challenge. Do to the nature of the event loop and asynchronous code, determining the actual time a piece of code takes to execute requires tools built into the platform. First added in Node.js v8.5, as stableas of v12, the Performance Measurement APIs are stable and allow much more accurate monitoring than earlier implementations.

Read Post
splunk

Best Practices for Delivering a Business-Driven Security Posture

Sep 29, 2020 By Brian Spanswick In Splunk

The main focus for cybersecurity teams — moving beyond compliance — is to deliver the level of security required to manage the likelihood of a breach and the potential impact to the business. This is more effective than simply focusing on the cost of delivering security services.

Read Post
alienvault

Stories from the SOC - Cloud and On-site Protection

Sep 28, 2020 By Edwardo Rodriguez In AT&T Cybersecurity

One of the benefits of having your managed detection and response (MDR) service managed by AT&T Cybersecurity is the visibility into threats from a large number of customers of all sizes and across different industries. This allows the team to take what they learn from one customer and apply it to another. Our security operation center (SOC) analysts were able to use an OTX alarm and an AWS correlation rule to discover open ports on public facing servers for two different customers in 24 hours.

Read Post

iDevNews Application Architecture Summit 2020 | RBAC for SSH and Kubernetes Access with Teleport

Sep 28, 2020 By Teleport In Teleport
Enterprises are best served by leveraging an RBAC system to manage access to their SSH and Kubernetes resources. With Teleport, an open source software, employers are able to provide granular access controls to developers based on the access they need and when they need it. This makes it possible for employers to maintain secure access without getting in the way of their developers’ daily operations. Join Steven Martin, Solution Engineer at Gravitational, as he demonstrates how to assign access to developers and SRE’s across environments with Teleport through roles mapped from enterprises’ identity providers or SSOs.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.