Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The ultimate guide to scanning Kubernetes workloads using Trivy-Operator

Testing is a vital aspect of security. Unfortunately, there are vulnerabilities that bypass the testing stage and introduce flaws in the production environment. Kubernetes vulnerabilities make more impact when exploited on running applications and production environments. These vulnerabilities can allow hackers to exploit the host machine if the container has escalated privileges.

How to Ensure SCCM Client Compliance on All Endpoints with Nexthink

SCCM is one of the most business-critical applications—a must have on all the devices. Administrators use SCCM for endpoint protection, software distribution, and patch management. Any machine where the SCCM client is not functioning will be unable to receive necessary policies or application updates, which can create a significant vulnerability for your organization because this leads to compliance and security issues.

Is open-source as secure as proprietary software?

We’re surrounded by news of data breaches and companies being compromised, and the existential threat of ransomware hangs over just about every organisation that uses computers. One of the consequences is that we are hassled by an ever-increasing number of software updates, from phones and computers to vacuum cleaners and cars; download this, restart that, install the updates.

Mitigate cyberthreats automatically with AIOps

The majority (83%) of employees across industries want their jobs to remain hybrid, Accenture reports. Yet nearly 50% of CIOs feel their cybersecurity initiatives aren’t keeping pace with their digital transformation efforts, according to research by ServiceNow and ThoughtLab. Neither are their cybersecurity budgets. Combining artificial intelligence (AI) and machine learning (ML) for IT operations (AIOps) can help.

SAST vs. DAST

Neglecting security is a rookie mistake. However, DevOps teams struggle to make it a priority in the quest to be continuously faster. Protecting your app from the ground up is challenging, so you need the right tools to improve your debugging process in development and production. To enhance security testing, developers can use SAST tools, which analyze program source code to identify security vulnerabilities, and DAST tools, which come up in later development phases in a running application.

How Parallel Loop Empowers Torq Users to Rapidly Automate Bulk Data Processing Up to 10x

Torq is proud to introduce Parallel Loop, a new capability that enables users to process bulk data from myriad security tools with unprecedented ease. It also provides the power of orchestration like no other automation tool in the security automation industry with true parallelism. That means multiple tasks can be run simultaneously, and optionally, on multiple elastically-scaled compute resources, shortening the time workflow automations take to complete by 10x or more.

Using SOC-as-a-Service to Bridge the Cybersecurity Talent Gap

As the cyberthreat landscape is getting more sophisticated, the need for skilled cybersecurity professionals is also rising. The recent 2022 (ISC)2 Cybersecurity Workforce Study revealed that, in the past year, the cybersecurity workforce gap (the difference between the number of security professionals required and the number of suitably qualified people in the marketplace) has grown more than twice as much as the number of actual cybersecurity workforce hired, with a 26.2% year-on-year increase.

IT Security Checklist to Protect Your Business

During the COVID-19 Pandemic, it was reported that cybercrime increased by 600%. As the world has become more reliant on technology, whether for personal life or for business, cyberattacks have risen with it. Unfortunately, there are a lot of cybersecurity misconceptions that prevent businesses from adequately preparing for and responding to these attacks. More time and resources need to be spent protecting this critical information.