Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Joomla! CMS Vulnerability Scanner

WordPress may power the majority or the internet, but Joomla! is the second most popular CMS on the planet, representing 6.1% of all known CMS websites. So we felt it was important to integrate it directly into our external website security and vulnerability scanner. Sitting alongside special checks for WordPress, Drupal and SilverStripe websites, we scan potential issues with the core version of Joomla! and any plugins installed.

GDPR: Top 5 Logging Best Practices

The rather broad definition of personal data in the GDPR requires paying special attention to log data. GDPR and personal data in web server logs is a popular topic in many GDPR fora. For example, IP addresses or cookies might be considered personal data. Consequently, such data must be stored only with the consent of customers for a limited time. It is highly recommended to anonymize personal data before you hand over the logs to any 3rd party to minimize risk.

Integrating Threat Intelligence with Graylog

In my last post, I gave a high-level overview how to select a threat intelligence vendor and how to integrate indicators of compromise (IOCs) into your SIEM or log management environment. In this post, I will describe in detail how to use the Threat Intelligence plugin that ships with Graylog. I’ll start with the steps necessary to prepare your data, then explain how to activate the feature and how to configure it for use.

Drupal Security Scanner - Just in Time for Drupalgeddon2

Just as news hits of two highly critical security vulnerabilities in Drupal – a popular open source CMS that powers 4.2% of known CMS websites – we have expanded our external Vulnerability Scanner yet again with Drupal specific security checks. We now offer peace of mind for anyone with a WordPress, Joomla!, SilverStripe or Drupal site, as well as checks for thousands of known software and configuration vulnerabilities for all major software products and operating systems.

Five worthy reads: Data security is taking the world by storm

Information. Data. Personal details. Particulars. Intelligence. Call it what you like—the universal truth is that in the present age, personal data has become one of the most valuable possessions. Companies around the world are scrambling to secure the data they have collected, while those with malicious intentions are vying for these coveted bits of information.