
SecOps

Sponsored Post

SIEM Logging for Enterprise Security Operations and Threat Hunting

Today's enterprise networks are diverse and complex. Rather than the simple network perimeter of old, bad actors can attack through multiple entry points, including cloud-based applications. Not to mention, these networks generate massive amounts of transactional data. Because enterprise networks have become larger, they're more difficult to secure and manage. As a result, IT operations teams and security analysts seek better ways to deal with the massive influx of information to improve security and observability.

Building Strong Linux Security and Compliance: CIS Benchmarks and More

What makes Linux security unique? What special considerations does Linux have across security standards like those set by The Center for Internet Security (CIS)? Every OS has its own unique considerations, and Linux is no different. We’ll also explore how Puppet can fit within your broader Linux security plan to help make hardening Linux that much easier.

Sarbanes-Oxley (SOX) Compliance: How SecOps Can Stay Ready + Pass Your Next SOX Audit

Since its passing in 2002, the Sarbanes-Oxley Act (SOX) has become one of the leading regulatory compliance requirements for U.S. companies. It’s synonymous with corporate governance and financial reporting standards for publicly traded companies. Companies spend millions of dollars and thousands of hours ensuring SOX compliance. Scrutiny is high for organizations subject to it, and the penalties can be crushing.

Why you need to protect your confidential virtual machine from itself

In the traditional computing threat model, privileged system software like the hypervisor, host OS, firmware, and DMA-capable devices were all granted access to the data and code of your workloads. This was widely accepted because it seemed necessary for the system managing VM resources (memory, execution, and hardware access) to also have access to the workload’s data. How else could it manage it after all?

Best Practices for SOC Tooling Acquisition

Your Security Operations Center (SOC) faces complex challenges in keeping corporate data safe and in the right hands every day. The right tooling is critical for success. Deciding when—and how—to make investments in SOC tooling is complex and challenging across organizations. There’s a ton of vendor spin out there and it’s important to understand what’s real and what isn’t.

The Limitations of Endpoint Detection and Response (EDR)

Every IT environment – whether it’s on-prem or in the cloud, and regardless of how it’s designed or what runs in it – is made up of endpoints. That’s why Endpoint Detection and Response, or EDR, has typically been one of the pillars of cybersecurity. EDR helps businesses monitor each of their endpoints for security risks so that they can detect problems before they escalate to other endpoints.

What you need to know & do to be a world-class cyber incident responder

World-class incident responders are a strategic asset in today’s world, where the frequency and sophistication of cyber security attacks continue to increase every year, as do the associated financial damages. As such, more and more organizations are looking to grow their cyber incident response expertise, both with in-house staff and by engaging with third-party experts.

Securing software supply chain without panicking ft. Chainguard co-founder Kim Lewandowski

Chainguard co-founder Kim Lewandowski joins Rob to discuss the ways she presses forward in the fear-driven world of software supply chain security. In any kind of mistake or failure, security breaches have to be something that we can learn from. On the other hand, particularly during investigation, there are often walls of trust and other factors affecting fully transparent communication. Does this impact our ability to learn? Is there something we have to do differently to get better at it?

SecOps tools - SecOps & incident management for 2022.

Importance of SecOps tools – The threats in the cyber world are becoming more complicated and sophisticated with each passing day, while the rapid expansion of digital operations, with more nodes, networks, and servers, has resulted in more vulnerabilities. This situation demands efficient SecOps teams as well as practices so that threats are thwarted, and networks and data are always protected. What is SecOps & Best SecOps tools?

Modern Security Operations Center Framework

With agile development, the software development life cycle has evolved, with a focus on customer satisfaction to enhance product features based on user feedback. This helps shorten the time to market, since teams can release a minimally viable product, then continuously improve its features. The agile technique encourages team cooperation through sprints, daily standups, retrospectives, testing, quality assurance and deployment.