Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Detect Ransomware in Your Data with the Machine Learning Cloud Service

While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-

Configure and apply hardening rules in minutes with Ubuntu CIS Benchmark tooling

CIS benchmark has hundreds of configuration recommendations, so hardening a system manually can be very tedious. To drastically improve this process for enterprises, Canonical has made CIS automation tooling available to its Ubuntu Advantage for Infrastructure customers and Ubuntu Pro users on the public cloud (Azure, AWS).

How to Monitor, Manage, and Secure Active Directory

Microsoft Active Directory (AD) is the nerve center enabling your federal agency to access the systems and applications staff members need to do their jobs. AD is also a high-risk target for inside and outside threats and can be a gateway for other potential security vulnerabilities. The key to protecting your agency’s AD is to have the right processes in place to maintain its integrity, know whether something is happening that shouldn’t be, and demonstrate compliance if required.

CNCF Webinar: Critical DevSecOps considerations for Multicloud Kubernetes

The distributed nature of Kubernetes has turned both legacy infrastructure and traditional cybersecurity approaches on their heads. Organizations building cloud-native environments in their own data centers grapple with operationalizing and scaling Kubernetes clusters, and then ensuring system-wide security from the infrastructure layer all the way up to each container. In this webinar, you’ll hear from two cloud-native experts in infrastructure and security who will offer up valuable insights on.

CNCF Webinar: Getting started with container runtime security using Falco

Protect Kubernetes? As Kubernetes matures, security is becoming an important concern for both developers and operators. In this talk, Loris Degioanni (CTO and Founder @Sysdig) will give an overview of cloud native security, discuss its different aspects, with particular focus on runtime, and explain what inspired the development of Falco, the CNCF container security project. Through demonstration, he will educate the CNCF community on the ways Falco is being used for real-world workloads. Lastly, he will share the latest on Falco’s adoption, maturation within CNCF and what’s on the horizon.

Kubernetes Security

Containers and Kubernetes have revolutionized the way many teams deploy applications. But with the many benefits that these technologies provide come new challenges. Key among those challenges is security. By adding more layers and complexity to application environments, containers and Kubernetes create new opportunities for attackers and new security threats for Kubernetes admins to address.

FabFit - Not So Fun for Customers with Stolen Payment Data

Our sources state that there has been a 20% increase in web-skimming attacks since the outbreak of the COVID-19 virus. Recently, we have witnessed some high-profile Magecart attacks. The latest Magecart attacks include; American Payroll Association, music giant – Warner Music Group, and lifestyle subscription brand – FabFitFun.

Secure Networking for Openshift

The Kubernetes network model defines a flat network in which pod connectivity is unimpeded, with no restrictions on what traffic is allowed to or from each pod. To make a cluster production ready you need to make this networking secure. Network Policy is the primary tool for doing this and is essential to understand before considering moving a cluster to production.

Working in the SOC with Power Tools: Splunk and Polarity

Have you ever had to saw through a board by hand? I had to finish a partial cut by hand the other day while building a new mantle for my fireplace. It’s slow and difficult, and it often results in a lesser quality cut than one done with a power tool. It’s good exercise, though! We should all have to do it at least once so we appreciate our power tools more.