Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Rovo Dev Auto Closing Vulnerabilities | Bitbucket Blitz | Atlassian

Learn how Atlassian uses Rovo Dev to automatically find and fix code vulnerabilities with Rovo Dev and Bitbucket. This capability saves our developers thousands of hours over three months and reduces issue resolution time by half, allowing them to focus on building software and solving problems for our customers. This technology is available to all of our customers. Learn how it works, and start using it yourself.

DLL Hijacking: Risks, Real-World Examples and How to Prevent Attacks

There’s been buzz around CVE-2025-56383 (published on Sept. 26, 2025), a hijacking vulnerability in Notepad++ v8.8.3 in which a DLL file can be swapped to execute malicious code. The CVE has been disputed by multiple parties, but we’re not here to comment on that. However, we are here to comment on DLL hijacking and discuss the very real threat that it poses to an organization. Let’s look into what DLL hijacking is and what measures you can take to keep your DLLs safe.

From Downtime to Stability: The Role of Managed IT in Modern Operations

Operational downtime has become one of the most expensive risks modern organizations face. A single system failure can halt workflows, expose security gaps, and drain revenue within hours. And as businesses in Long Beach & beyond grow more dependent on digital systems, the margin for IT failure keeps shrinking. Yet many operations teams still rely on reactive IT models, fixing issues only after they cause disruption.

How to Protect a Server from DDoS Attacks: 10 Practical Ways That Actually Work

DDoS attacks are no longer exotic weapons used only against banks, governments, or global tech giants. Today, a small online store, a SaaS startup, or even a personal blog running on a VPS can become a target. The barrier to launching an attack has dropped dramatically, while the damage such attacks can cause has only grown. Any server connected to the internet is exposed by default - the only real question is how prepared it is.

Why Release Control Takes Weeks

The industry standard for release control is painfully manual: long-form policy documents, ServiceNow forms, human approvals, meetings, and tickets that take days or even weeks to close. In this video, Mike Long (CEO & Co-founder, Kosli) explains the difference between manual release control and an automated, zero-trust model where evidence is collected automatically, provenance identifies the artifact, and approvals can be fully codified.

Evidence as an Input

Evidence isn’t something you produce at the end — it’s something every control generates for the next one. In this video, Mike Long (CEO & Co-founder, Kosli) explains how vulnerability scans produce evidence tied to the artifact fingerprint and the policy file used, and how that evidence becomes an input to downstream controls like release approvals. This is the core of reusable, continuous compliance.

ITAM: Your Unexpected First Line of Cyber Threat Defense

When the conversation turns to cybersecurity, people often think of firewalls, intrusion detection systems or state-of-the-art endpoint protection. Yet, beneath these sophisticated shields is an essential (and often unsung) foundation: robust IT Asset Management (ITAM). For CIOs guiding mid-sized and enterprise organizations through an increasingly perilous digital landscape, ITAM offers not just operational clarity, but a powerful first line of cyber threat defense.