Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

What you need to know about Process Ghosting, a new executable image tampering attack

Jun 15, 2021 By Gabriel Landau In Elastic

Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.

Read Post

Elastic

Read more about What you need to know about Process Ghosting, a new executable image tampering attack

Securing Modern Applications and APIs: Whose Job Is It, Anyway?

Jun 15, 2021 By Pratik Roychowdhury In VMware Tanzu

When an end user thinks of a modern application, they expect a user-friendly offering, one that works on any device, from any location, and that delivers constant innovation. To deliver on that expectation, under the hood there are a large number of distributed components (and micro-components) running heterogeneous workloads on hybrid environments.

Read Post

VMware Tanzu

Read more about Securing Modern Applications and APIs: Whose Job Is It, Anyway?

Bad guys are watching for new openings in your cloud, are you?

Jun 14, 2021 By Janet Matsuda In Sysdig

You see the headlines, and perhaps, ‘thank goodness it wasn’t us’ flickers through your mind. An overly permissive web server exposes 100 million+ consumer credit applications, or an S3 bucket leaves hundreds of millions of user records open to the public. A nightmare scenario for any CISO and their cloud security team!

Read Post

Sysdig

Read more about Bad guys are watching for new openings in your cloud, are you?

Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats

Jun 14, 2021 By Splunk In Splunk

Splunk and Zscaler have partnered to deliver a superior, Zero Trust approach to security. Our tightly integrated, best-of-breed cloud security and security analytics platforms deliver a cloud experience for the modern, cloud-first enterprise.

View Video

Splunk

Read more about Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats

SOARing w/ Splunk Phantom

Jun 14, 2021 By Splunk In Splunk

Hey kids, do you like automation? Danny chats with Dan Dagget (@sgviking) , @Splunk Community Leader for Phantom & Tom Wise from @Adarma_Security about how to SOAR. What is SOAR? Do you need it? Are you ready to deploy it even if you do need it? How many times will Danny screw up the audio settings like the true professional he is? All answers lie within.

View Video

Splunk

Read more about SOARing w/ Splunk Phantom

Rollbar Integrations: Okta

Jun 14, 2021 By Rollbar In Rollbar

Integrate Okta with your Rollbar in 5 minutes or less! Save time on administration and increase security by bringing Okta’s world-class authentication and secure access management to your Rollbar account. Rollbar is the leading continuous code improvement platform that proactively discovers, predicts, and remediates errors with real-time AI-assisted workflows. With Rollbar, developers continually improve their code and constantly innovate rather than spending time monitoring, investigating, and debugging.

View Video

Rollbar

Read more about Rollbar Integrations: Okta

Adversary emulation with Prelude Operator and Elastic Security

Jun 14, 2021 By James Spiteri In Elastic

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.

Read Post

Elastic

Read more about Adversary emulation with Prelude Operator and Elastic Security

Super Speed with Phantom Slash Commands

Jun 14, 2021 By Olivia Courtney In Splunk

Are you the type of person who loves the command-line? Is tab-complete your friend? Do you move faster on a keyboard than with a mouse? Then Phantom Slash Commands are for you!

Read Post

Splunk

Read more about Super Speed with Phantom Slash Commands

LDAP authentication with Sensu Go: troubleshooting & tips (Part 2)

Jun 14, 2021 By Jef Spaleta In Sensu

Sensu creator and Developer Advocate Todd Campbell recently wrote about using LDAP authentication for single-sign on (SSO) with Sensu Go. That post provided a great overview of Sensu authentication and included some useful LDAP troubleshooting tips. In this post, we'll focus on the Sensu LDAP implementation and explore how SSO/LDAP users are linked to RBAC "profiles" (i.e. Roles and ClusterRoles). We'll also demonstrate how Sensu supports multiple LDAP providers thanks to its groups_prefix feature.

Read Post

Sensu

Read more about LDAP authentication with Sensu Go: troubleshooting & tips (Part 2)

3 Work-From-Anywhere IT Security Pressures

Jun 12, 2021 By Teneo In Teneo

The rate of change in IT is faster than ever. Several trends are helping organizations with their IT initiatives including anywhere operations, cloud adoption, and Internet of Things (IoT). Unfortunately, these trends are causing three major IT security pressures. In this short video, we look at these major IT security challenges and discuss how Teneo’s Work-From-Anywhere solution can help with these fast pace initiatives in today’s changing world. #TeneoGrp

View Video