In a previous blog post I discussed the complexity of securing Kubernetes environments, and some best practices. Unfortunately, even if we follow best practices in setting up and configuring our system, we can never eliminate all the vulnerabilities.
One of the most exciting security enhancements in Ubuntu 20.04 LTS (Focal Fossa) is the ability to use the Fast Identity Online (FIDO) or Universal 2nd Factor (U2F) devices with SSH. By using a second authentication factor via a device, users can add another layer of security to their infrastructure through a stronger and yet still easy to use mechanism for authentication. Ubuntu 20.04 LTS includes this feature out of the box through the latest version of OpenSSH 8.2.
From global pioneers to budding startups, almost every organization around the globe has adopted a mandatory work-from-home routine due to the COVID-19 outbreak. This shift has brought up numerous questions for decision-makers: How are we going to pull this off? Is work-from-home strategy feasible? Is our network security going to be compromised? Is BYOD the solution?
A large number of security breaches are impacting industry verticals, including banking, financial services and insurance (BFSI), telecom, and hospitality, so there's a growing need for organizations to fortify their infrastructure against these threats. For example, by the time T-Mobile identified the intrusion and unauthorized access to its sensitive data in 2019, both its customer and employee details were already stolen by hackers.
In a world full of threats targeting data as well as stringent compliance mandates, it’s never been more important to create a strong unified cloud security strategy. But as cloud environments become more complex and diverse, it’s also never been more difficult. Even if you’re partnering with a notably secure provider, it’s still important to understand your security responsibility and to be proactive about protecting your data in the cloud.
The COVID-19 virus epidemic has seen a 23% rise in visitors to UK independent ecommerce sites. On a global scale, many companies have transitioned to fully ecommerce-based business practice and are seeing an increase in online shoppers. This paradigm shift in business continuity means websites are increasingly vulnerable to being attacked.
Many people are working from home (WFH) now and will be for at least the next few weeks. The VPN and TLS connections that remote workers rely on allow for secure access, and although these are not new connection types to monitor, the current WFH situation has created a significant increase in the number of these connections you must monitor. This new WFH scenario has made one thing easier: mobile users are no longer mobile.
As the responsibilities of the Security Operation Center (SOC) continue to increase, SOC teams are experiencing increased demand on their time and resources. Scaling a security team with little resources and funds can prove extremely difficult, especially when the incident response team spends most of their time chasing alerts.
SSL (Secure Socket Layers) certificates tell your site’s visitors that you are whom you say you are and creates an encrypted connection between your domain (anexampledomain.com) and the visitor. If your domain doesn’t supply a valid certificate, the browser throws up a wall that warns the user that the site isn’t trusted. Many things may happen that tell the browser to issue the warning, but the most common reason is due to an expired SSL certificate.
Vulnerability Manager Plus is ManageEngine’s enterprise security program that empowers system administrators with an essential set of tools for managing and mitigating threats and vulnerabilities across systems in IT infrastructure. This security solution features specialized tools that help enterprises improve their overall security posture. Some of its unique tools include its integrated patch management module, security configuration management, and prioritization of vulnerabilities.
