%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

How to Harden Ubuntu SSH: From static keys to cloud identity

Mar 30, 2026 By Massimiliano Gori In Canonical

30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, default SSH configurations are an “open door” that represents an unacceptable risk.

Read Post

Canonical

Read more about How to Harden Ubuntu SSH: From static keys to cloud identity

It's Time to Rethink Untrusted Code in Your Pipeline | Harness Blog

Mar 30, 2026 By Jyoti Bansal In Harness

The catastrophic TeamPCP exploit in March 2026 demonstrated that "open execution" models, in which third-party code runs with full privileges, have made CI/CD pipelines a primary target for global credential harvesting. There are better architectures. On March 19th, the risks of running open execution pipelines — where what code runs in your CI/CD environment is largely uncontrolled — went from theoretical to catastrophic.

Read Post

Harness

Read more about It's Time to Rethink Untrusted Code in Your Pipeline | Harness Blog

Is your AI secure? Puppet AI is 42001 certified to guarantee a responsibly manged #AI ecosystem.

Mar 30, 2026 By Perforce Puppet In Puppet

View Video

Puppet

Read more about Is your AI secure? Puppet AI is 42001 certified to guarantee a responsibly manged #AI ecosystem.

Mastering CompTIA Security+ SY0-701 Certification for a Strong Cybersecurity Career

Mar 29, 2026 By OpsMatters In OpsMatters

Cybersecurity has become one of the fastest-growing fields in the IT industry, and earning a globally recognized certification is one of the best ways to enter this domain. The CompTIA Security+ certification is widely respected because it validates essential skills in risk management, network security, cryptography, and threat detection. This certification is especially valuable for beginners and intermediate IT professionals who want to build a strong foundation in cybersecurity principles and practices.

Read Post

OpsMatters

Read more about Mastering CompTIA Security+ SY0-701 Certification for a Strong Cybersecurity Career

The "scanner report has to be green" trap

Mar 27, 2026 By Lech Sandecki In Canonical

In the modern DevSecOps world, CISOs are constantly looking for signals in the noise, and the outputs of security scanners often carry a lot of weight. A security scan that returns a “zero CVE” report often unlocks promotion to production; a single red flag can block a release. This binary view of security has birthed two diametrically opposed philosophies. On one side, we have the long-term support (LTS) approach: stay on a battle-tested version and backport specific security fixes.

Read Post

Canonical

Read more about The "scanner report has to be green" trap

Observability and Security for the AI Era

Mar 27, 2026 By Datadog In Datadog

Datadog has always been driven by a broader vision of helping teams understand and operate complex systems. In this session, you’ll hear from Yrieix Garnier, VP of Product, and Hugo Kaczmarek, Senior Director of Product, as they share the latest updates across the Datadog product suite and discuss how that vision continues to shape the platform’s evolution and support the next generation of AI-driven applications.

View Video

Datadog

Read more about Observability and Security for the AI Era

Continuous Threat Exposure Management (CTEM): A Proactive Defense Strategy for Modern Cybersecurity

Mar 27, 2026 By OpsMatters In OpsMatters

In today's rapidly evolving digital world, cyber threats are becoming more sophisticated, frequent, and damaging. Organizations can no longer rely solely on traditional, reactive cybersecurity methods. Instead, they must adopt a proactive approach to identify and eliminate risks before attackers exploit them. This is where Continuous Threat Exposure Management (CTEM) plays a critical role. CTEM is redefining how businesses approach cybersecurity by offering continuous visibility into vulnerabilities, threats, and risks across their entire IT environment.

Read Post

OpsMatters

Read more about Continuous Threat Exposure Management (CTEM): A Proactive Defense Strategy for Modern Cybersecurity

CFEngine: The agent is in 59 - Extending update policy for greater efficiency and autonomy

Mar 26, 2026 By CFEngine In CFEngine

"CFEngine: The agent is in" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.

View Video

CFEngine

Read more about CFEngine: The agent is in 59 - Extending update policy for greater efficiency and autonomy

N-able Expands AI-Driven SOC Capabilities to Further Business Resilience for Worldwide Customers

Mar 25, 2026 By N-able In N-able

New AI-powered detections analyze every PowerShell execution and multi-layer telemetry to uncover stealth attacks that traditional security tools miss.

Read Post

N-able

Read more about N-able Expands AI-Driven SOC Capabilities to Further Business Resilience for Worldwide Customers

CertKit Keystore: Private keys that never leave your infrastructure

Mar 25, 2026 By Todd H. Gardner In CertKit

When you use CertKit, your private keys live in CertKit’s database, encrypted at rest. We’ve written about why the actual risk is smaller than it sounds. But some organizations have policies that prohibit storing private keys with any third party, regardless of how they’re protected. That policy isn’t going away. The Local Keystore enables those organizations to use CertKit and still keep their keys local.

Read Post