Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Zoom into Kinsing

The Kinsing attack has recently been reported by security researchers, and it is well known for targeting misconfigured cloud native environments. It is also known for its comprehensive attack patterns, as well as defense evasion schemes. A misconfigured host or cluster could be exploited to run any container desired by the attacker. That would cause outages on your service or be used to perform lateral movement to other services, compromising your data.

AWS Well Architected Framework in Serverless Part I: Security

Welcome to part one of our five-part “AWS Well-Architected Framework in Serverless” series. In this article, we’ll give you a short introduction to the AWS Well-Architected Framework and dive deeper into the Security pillar to explain it and some actionable ideas related to it. To learn more about the AWS Well-Architected Framework (WAF) through the serverless lens and how to build Well-Architected architectures, make sure to attend our upcoming webinar on Friday, 27 November.

How to Define Your Security Posture, and Why it Matters

Not only do cybersecurity organizations need to deliver the level of security required to protect corporate assets, they also need to align with the strategic goals and objectives of the business. By defining, establishing and managing your organization's cybersecurity posture, you can deliver the results needed for the business to be successful.

Five worthy reads: The rise in credential stuffing attacks

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore how credential stuffing attacks are evolving and why they pose a greater threat than meets the eye. Credential stuffing is perhaps the simplest form of cyberattack, but it continues to make headlines despite its lack of sophistication. It has become the attack method of choice for cybercriminals primarily because of its high success rate and ROI.

Calico Delivers "Wow Effect" with 6x Faster Encryption than Any Other Solution... Confirms Leadership in Latest Independent CNI Benchmark Tests

Benchmark tests measure a repeatable set of quantifiable results that serve as a point of reference against which products and services can be compared. Since 2018, Alexis Ducastel, a Kubernetes CKA/CKAD and the founder of InfraBuilder, has been running independent benchmark tests of Kubernetes network plugins (CNI) over a 10Gbit/s network. The latest benchmark in this periodic series of tests was published in September, and was based on CNI versions that were up-to-date as of August 2020.

How ITIL 4 Guiding Principles Can Boost Communication in Our WFH Reality

ITIL has established itself as the gold standard of guidelines for service management over the years. And with so many employees working remotely this year as a result of the COVID-19 pandemic, the best practices and guiding principles of ITIL 4 are arguably more applicable than ever. The sudden shift to remote work for many organizations has forced teams to increasingly rely on technology and find new ways to convey important messages.

Use Active Directory Monitoring to Protect Remote Active Directory Logins

Active Directory (AD) is a process service that is used in Microsoft® Windows-based environments. It is responsible for authenticating users when they connect to servers and for authorizing access to different directories, files, and data. AD is also responsible for carrying out security protocols on all connected devices and computers. For example, there is a policy in place where, after three login attempts, a user’s account is locked.

Better Detections and Cloud Coverage with Splunk Enterprise Security 6.4

Security teams are in a difficult position: they continue wrestling with persistent problems, such as overwhelming alert volumes and staff shortages, while confronting new ones driven by the abrupt shift to remote work. For instance, attaining real-time, deep visibility into cloud environments may have been on SOC roadmaps before 2020, but the capability is now a pressing need.

Preparing your website for Black Friday

Each year ecommerce sites are named and shamed for failing to prepare their website for Black Friday, sacrificing sales revenue and reputation. We explain changes companies can make in advance to mitigate outages, reduce shopping cart abandonment and improve digital experience in preparation for Black Friday 2020.