Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

What is a Supply Chain Attack (and What Can You Do About It)?

Any cybersecurity breach is damaging to individual companies. But when it becomes a supply chain attack, the results can be chaotic and widespread. While most businesses overlook the dangers of supply chain cyber attacks, hackers have not. Malicious actors are continuously looking for, and finding, new ways to invade company networks. With these looming threats, companies must know how to prevent supply chain attacks and find new means of securing against cybersecurity breaches.

IT Heroes Podcast - EPS 05 Let's talk REvil ransomware

In this episode, we are discussing on REvil ransomware operators who have been arrested by Russian authorities recently. The podcast is around REvil's motive, modus operandi, operation, victims, partners, and finally some tips to keep your enterprise secured against the modern ransomware threats.

My pledge for Safer Internet Day

I was asked to write a pledge to help promote the importance of Safer Internet Day, which is taking place February 8. If you are not familiar with Safer Internet Day, it is a day dedicated to highlighting practical ways in which you can be involved in creating and maintaining a better online world. You can read more about it here. I took on this task and actually came up with two pledges: a personal and business one.

Open Source Cybersecurity: Towards a Democratized Framework

Today, anyone can contribute to some of the world’s most important software platforms and frameworks, such as Kubernetes, the Linux kernel or Python. They can do this because these platforms are open source, meaning they are collaboratively developed by global communities. What if we applied the same principles of democratization and free access to cybersecurity?

Chimera: Painless OAuth for Plugin Frameworks

Plugins can help teams unlock the full potential of Mattermost, but they aren’t always ready to go out of the box. Learn how Chimera streamlines plugin configuration via an OAuth2 Proxy. One of the best aspects of any software offered in the Cloud is the ability to start using it in just a matter of minutes. The same is true for the Mattermost Cloud offering.

Identity Access Management (IAM) Automation - Intro to Torq Webinar

Security teams are struggling to keep up with the increasing number of attack surfaces and the demands on remediating those attack surfaces in real-time. Security automation is the key to unlocking your security team’s productive potential, but traditional SOAR platforms (Security Orchestration, Automation, and Response) are complex and can take months of development to implement your first automation response sequence.

Introducing bodies with custom promise types

Last year we had a look at managing local groups with the custom groups promise type. As you may or may not recall, we used JSON-strings to imitate CFEngine bodies. This was due to the fact that the promise module protocol did not support bodies at that time. Today, on the other hand, we’re happy to announce that as of CFEngine 3.20, this will no longer be the case. In this blog post we’ll introduce the long awaited feature; custom bodies.

Five Ways To Reduce Your Cloud Security Blast Radius

It takes only a glance at the daily headlines to see that cybercriminals are using increasingly sophisticated methods to breach cloud defenses and access sensitive data. The complexity of cloud frameworks makes it extraordinarily difficult to detect nefarious activities. In many cases, attackers lurk in systems for weeks or months before pulling the trigger.