Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Data-Driven Defense: Exploring Global Cybersecurity and the Human Factor

A data-driven approach to cybersecurity provides the situational awareness to see what’s happening with our infrastructure, but this approach also requires people to interact with the data. That’s how we bring meaning to the data and make those decisions that, as yet, computers can’t make for us. In this post, Phil Gervasi unpacks what it means to have a data-driven approach to cybersecurity.

Patch Management vs. Vulnerability Management

Although the terms “patch management” and “vulnerability management” are often used interchangeably, they are not the same process. Patch management and vulneradbility management are two processes that go hand-in-hand towards supporting a secure, efficient, and up-to-date IT infrastructure. Compare patch management vs. vulnerability management and see why both are essential for a secure IT environment.

Kosli Changelog - March 2023

Hello, and welcome to the March edition of the changelog. Spring is on her way, days are now longer than nights (at least in the northern hemisphere where me and my Kosli colleagues reside) and new Kosli features are popping up like snowdrops. We have the latest release of the CLI and a bunch of other stuff to share with you, so let’s get right into it.

Increasing Implications: Adding Security Analysis to Kubernetes 360 Platform

A quick look at headlines emanating from this year’s sold out KubeCon + CloudNativeCon Europe underlines the fact that Kubernetes security has risen to the fore among practitioners and vendors alike. As is typically the case with our favorite technologies, we’ve reached that point where people are determined to ensure security measures aren’t “tacked on after the fact” as related to the wildly-popular container orchestration system.

Rest Assured, Cribl's Improved Webhook Can Now Write to Microsoft Sentinel

As version 4.0.4, we are excited to announce the capability of Cribl’s webhook to write to any destinations and APIs that requires OAuth including Microsoft Sentinel. Cribl has long supported OAuth in many destinations through native integrations but with the enhanced Webhook we can now write to any destination that require OAuth authentication.

Secrets Management: Use Cases, Best Practices, and Tools

To provide proper visibility into the health and status of your systems, observability tools require access to the internal and external services you’re using, and Sensu is no different. In the past, this could mean exposing sensitive authentication credentials like usernames and passwords with local environment variables or even by including the secret information in your monitoring configuration.

Endpoint Security: 8 Best Practices

Endpoints are the doorways to your organization’s data, resources, and other critical information. Unfortunately, cybercriminals are well-aware of these “doorways,” and often use endpoints as entryways for their cyberattacks. Today, the average enterprise uses and manages around 135,000 devices, and this number continues to grow every year. This means that organizations, now more than ever, need to protect their vulnerable endpoints.

Patch Windows Common Log File System Driver Vulnerability (CVE-2023-23376)

As the digital world becomes more interconnected, cyber threats evolve and become more sophisticated, putting businesses and individuals at risk. On February 14, 2023, Microsoft announced a critical vulnerability in the Windows Common Log File System (CLFS) driver, known as CVE-2023-23376. This vulnerability allows attackers to elevate privileges and gain unauthorized access to sensitive data, potentially resulting in severe consequences for affected systems.