Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling

JFrog Security research teams are constantly looking for new and previously unknown vulnerabilities in popular open-source projects to help improve their security posture. As part of this effort, we recently discovered a potentially critical vulnerability in HAProxy, a widely used open-source load balancer proxy server that is particularly suited for very high traffic web sites and used by many leading companies.

Security Testing in an Agile Development World

Security testing is a key component of software quality. A program may meet functionality and performance requirements, but that does not guarantee security. In this blog post I will present different security testing methods and provide a few tips for conducting a more secure code review. But first, let’s understand what software security is intended for.

Why DDoS remains a bigger threat than ever in the age of the cloud

Distributed denial of service attacks are one of the most established, and oldest, modes of cyber attack, dating back at least a quarter of a century to the mid-1990s. The cloud, on the other hand, is one of the newer revolutions in the tech world. While the term "cloud computing" was actually coined at approximately the same time as the inaugural DDoS attack, it is only over the past several years that the cloud has truly become a ubiquitous part of the computing landscape.

Elasticsearch Audit Logs and Analysis

Security is a top-of-mind topic for software companies, especially those that have experienced security breaches. Companies must secure data to avoid nefarious attacks and meet standards such as HIPAA and GDPR. Audit logs record the actions of all agents against your Elasticsearch resources. Companies can use audit logs to track activity throughout their platform to ensure usage is valid and log when events are blocked.

Risk Mitigation Strategies for Tcp/IP Vulnerabilities in OT

JFrog in collaboration with Forescout Research Labs recently released the fourth study from Project Memoria - the industry’s most comprehensive study of TCP/IP vulnerabilities. INFRA:HALT covers 14 vulnerabilities affecting the popular closed source TCP/IP stack NicheStack. These vulnerabilities can cause Denial of Service or Remote Code Execution, allowing attackers to take targeted OT and ICS devices offline or take control of them.

Assign Read-Only Access to Users in Logz.io

Cloud monitoring and observability can involve all kinds of stakeholders. From DevOps engineers, to site reliability engineers, to Software Engineers, there are many reasons today’s technical roles would want to see exactly what is happening in production, and why specific events are happening. However, does that mean you’d want everyone in the company to access all of the data?

5 ways federal agencies can augment a zero-trust architecture

A May 2021 executive order mandated that federal government agencies invest in both technology and personnel to centralize and streamline access to cybersecurity data, accelerate migration to secure cloud architectures, and advance toward a zero-trust architecture. A zero-trust architecture doesn’t refer to a predefined, out-of-the-box network security solution. It’s a strategy based on an agency’s cybersecurity plan that contains a collection of zero-trust concepts.

Sponsored Post

Automated Threat Intelligence: An Overview

SecOps and security teams spend an excessive amount of time sifting through low-value, poorly-contextualized alarm data rather than actively hunting for valid threats. This is because bad actors are constantly looking to steal whatever they can hold onto with the least exposure. Recent ransomware attacks in critical business sectors only serve as reminders that organizations cannot lie dormant. This blog post will unpack strategies to help overcome these challenges and explain why integrating threat intelligence with security orchestration and automation is critical for an effective security operations strategy.

Modern Security Monitoring Demands an Integrated Strategy

The ultimate success of any security monitoring platform depends largely on two fundamental requirements – its ability to accurately and efficiently surface threats and its level of integration with adjacent systems. In the world of SIEM, this is perhaps more relevant than any other element of contemporary IT security infrastructure.

Cybersecurity with Ubuntu

The cybersecurity state of affairs can be described as too complex today. There is an enormous number of threats endangering sensitive data for the average IT team to cope with. Threats ranging from exposure of physical assets stored in an office, to “social engineering” attacks resulting in unauthorized access, or even threats that exploit obscure software vulnerabilities.