Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Open source security: best practices for early detection & risk mitigation

What knowledge, tools, and processes do you need to keep your open-source software free from vulnerabilities and threats? Many open-source projects are well-maintained by software vendors or individuals. Yet, studies show that 80% of codebases used by enterprises contain vulnerabilities (half of which are high-risk vulnerabilities that can be exploited). Hackers scan for outdated systems that contain vulnerabilities, which they then exploit by deploying targeted malware. In this webinar, we will discuss best practices for keeping your systems up to date.

How to Ensure SCCM Client Compliance on All Endpoints with Nexthink

SCCM is one of the most business-critical applications—a must have on all the devices. Administrators use SCCM for endpoint protection, software distribution, and patch management. Any machine where the SCCM client is not functioning will be unable to receive necessary policies or application updates, which can create a significant vulnerability for your organization because this leads to compliance and security issues.

The ultimate guide to scanning Kubernetes workloads using Trivy-Operator

Testing is a vital aspect of security. Unfortunately, there are vulnerabilities that bypass the testing stage and introduce flaws in the production environment. Kubernetes vulnerabilities make more impact when exploited on running applications and production environments. These vulnerabilities can allow hackers to exploit the host machine if the container has escalated privileges.

Is open-source as secure as proprietary software?

We’re surrounded by news of data breaches and companies being compromised, and the existential threat of ransomware hangs over just about every organisation that uses computers. One of the consequences is that we are hassled by an ever-increasing number of software updates, from phones and computers to vacuum cleaners and cars; download this, restart that, install the updates.

Mitigate cyberthreats automatically with AIOps

The majority (83%) of employees across industries want their jobs to remain hybrid, Accenture reports. Yet nearly 50% of CIOs feel their cybersecurity initiatives aren’t keeping pace with their digital transformation efforts, according to research by ServiceNow and ThoughtLab. Neither are their cybersecurity budgets. Combining artificial intelligence (AI) and machine learning (ML) for IT operations (AIOps) can help.

SAST vs. DAST

Neglecting security is a rookie mistake. However, DevOps teams struggle to make it a priority in the quest to be continuously faster. Protecting your app from the ground up is challenging, so you need the right tools to improve your debugging process in development and production. To enhance security testing, developers can use SAST tools, which analyze program source code to identify security vulnerabilities, and DAST tools, which come up in later development phases in a running application.

How Parallel Loop Empowers Torq Users to Rapidly Automate Bulk Data Processing Up to 10x

Torq is proud to introduce Parallel Loop, a new capability that enables users to process bulk data from myriad security tools with unprecedented ease. It also provides the power of orchestration like no other automation tool in the security automation industry with true parallelism. That means multiple tasks can be run simultaneously, and optionally, on multiple elastically-scaled compute resources, shortening the time workflow automations take to complete by 10x or more.

Using SOC-as-a-Service to Bridge the Cybersecurity Talent Gap

As the cyberthreat landscape is getting more sophisticated, the need for skilled cybersecurity professionals is also rising. The recent 2022 (ISC)2 Cybersecurity Workforce Study revealed that, in the past year, the cybersecurity workforce gap (the difference between the number of security professionals required and the number of suitably qualified people in the marketplace) has grown more than twice as much as the number of actual cybersecurity workforce hired, with a 26.2% year-on-year increase.