Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

Sep 22, 2023 By Michael Haag In Splunk
On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like mockbin.org and mocky.io.
Read Post
Arctic Wolf

Okta Environments Seeing Increased Targeted Threat Activity

Sep 22, 2023 By Andres Ramos In Arctic Wolf
In the last few weeks, Arctic Wolf Labs has noted an increase in threat activity targeting Okta as an attack vector. The relevant Techniques, Tools, and Procedures (TTPs) span across several different types of attacks. This bulletin will review several key aspects of these attacks.
Read Post
elastic

Secure your Elastic Cloud deployment with AWS PrivateLink traffic filter

Sep 22, 2023 By Hemendra Singh Lodhi In Elastic
One of the security features available in Elasticsearch® Service (Elastic® Cloud) is traffic filtering. Traffic filtering enables network layer security by limiting access to the deployment from configured networks only. In addition to the security policies consisting of role based access control (RBAC) employing principle of least privilege, using traffic filtering in conjunction provides greater security.
Read Post
senseon

Why Traditional Security Solutions Don't Fit Zero-Trust Architecture

Sep 22, 2023 By Laura In SenseOn

“Just make us Zero Trust.” Hands up if you’ve ever heard some version of this statement. Gather ten cybersecurity pros in a room, and you’ll have ten frustrated people trying to implement Zero Trust Security Architecture (ZTA). Although boards and non-security executives often understand the ZTA security model at a high level and love the idea of an inherently secure network, security teams keep running into walls during implementation.

Read Post

The Next-Gen Software Supply Chain by Shlomi Ben Haim | CEO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
The evolution from DevOps and CI/CD to cloud-native technologies, microservices architecture, security and governance - and now all the way to automation and Artificial Intelligence - requires a new generation of SSC management that aims to deliver software faster, with higher quality, enhanced security, and improved customer experiences. In this session, we’ll share insights from over 7,000 JFrog customers, and what the Fortune 100 list tells us about where the software supply chain is headed Next!
View Video

Incorporating Every Element - SSC as a Platform by Yoav Landman | CTO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
Managing and securing the software supply chain end-to-end is one of the most difficult challenges facing DevOps and DevSecOps teams today. As developers continue to push all boundaries on the left and right side of the software release cycle, enterprise focus remains on binaries, and their movement through the pipeline automatically and securely. See how an integrated, consistent platform approach is the only way to solve next-gen supply chain challenges!
View Video
upguard

Securing Essential Services: NIS Compliance Guidelines for OES

Sep 22, 2023 By Leah Sadoian In UpGuard
The EU Network and Information Security (NIS) Directive was adopted by the European Commission in 2016 and focused on establishing comprehensive cybersecurity regulations across the European Union. The NIS Directive is a robust piece of legislation enforced by local laws within each member state, working alongside other EU-wide regulations like the GDPR. The NIS Directive applies to Digital Service Providers (DSPs) and Operators of Essential Services (OES).
Read Post
upguard

Unpacking ISO 31010: Effective Risk Assessment Techniques

Sep 22, 2023 By Edward Kost In UpGuard
ISO 31010 is a supplementary document to the risk management standard ISO 31000. It was developed to support the risk assessment process in ISO 31000, outlining different risk assessment techniques to broaden the scope of an organization’s risk evaluation methods. This post offers a comprehensive overview of ISO/IEC 31010, highlighting the standard’s potential to increase the effectiveness of risk management strategies. Learn how UpGuard streamlines Vendor Risk Management >
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.