%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

5 Challenges to Security Operations Strategies

Apr 1, 2022 By Chris Tozzi In Torq

Do you love SecOps in theory, but just can't seem to make it work in practice? Or, maybe you've already implemented a security operations strategy to some degree within your organization, but struggle to make IT operations and security jive as seamlessly as you would like? Either way, there's a good chance that your troubles stem from one or more of the common barriers to SecOps strategies. This article explains why businesses often fail at implementing SecOps successfully and how they can work around the roadblocks.

Read Post

Torq

Read more about 5 Challenges to Security Operations Strategies

VoIP DDOS Attack Prevention

Apr 1, 2022 By Ribbon In Ribbon

Learn more - https://rbbn.com

View Video

Ribbon

Read more about VoIP DDOS Attack Prevention

April/2022 - CVE-2022-22965: Spring4Shell Remote Code Execution Mitigation

Apr 1, 2022 By HAProxy Technologies In HAProxy

Recently, a Remote Code Execution vulnerability was discovered in the Java Spring Core library. This vulnerability allows attackers to execute arbitrary code on affected systems. You can find more information on that vulnerability in the announcement on the Spring Blog. While HAProxy Enterprise, HAProxy ALOHA, and other products within the HAProxy Technologies portfolio are not impacted by this (they do not use the Spring Core library at all), you can use our products to mitigate the attack.

Read Post

HAProxy

Read more about April/2022 - CVE-2022-22965: Spring4Shell Remote Code Execution Mitigation

Building Your Security Analytics Use Cases

Mar 31, 2022 By Graylog Security Team In Graylog

It’s time again for another meeting with senior leadership. You know that they will ask you the hard questions, like “how do you know that your detection and response times are ‘good enough’?” You think you’re doing a good job securing the organization. You haven’t had a security incident yet. At the same time, you also know that you have no way to prove your approach to security is working. You’re reading your threat intelligence feeds.

Read Post

Graylog

Read more about Building Your Security Analytics Use Cases

Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)

Mar 31, 2022 By Lukonde Mwila In Rancher

Having multiple environments that can be dynamically configured has become akin to modern software development. This is especially true in an enterprise context where the software release cycles typically consist of separate compute environments like dev, stage and production. These environments are usually distinguished by data that drives the specific behavior of the application.

Read Post

Rancher

Read more about Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)

A visual guide to Calico eBPF data plane validation

Mar 31, 2022 By Chris Tomkins In Tigera

In previous blog posts, my colleagues and I have introduced and explored the Calico eBPF data plane in detail, including learning how to validate that it is configured and running correctly. If you have the time, those are still a great read; you could dive in with the Calico eBPF Data Plane Deep-Dive.

Read Post

Tigera

Read more about A visual guide to Calico eBPF data plane validation

Vulnerability Management - Intro to Torq Webinar

Mar 31, 2022 By Torq In Torq

As recent vulnerabilities like log4j have shown, having a standardized approach to identifying vulnerabilities and applying patches is essential to organizations looking to keep their systems safe from exploits. Whether it's preventative maintenance or responding to new 0-days, a continuous vulnerability management program ensures that security teams can rapidly identify risks and work cross-functionally to deploy patches and verify successful remediation.

View Video

Torq

Read more about Vulnerability Management - Intro to Torq Webinar

April Phools' Phishing Challenge

Mar 31, 2022 By NinjaOne In NinjaOne

Can you do what you advise your clients and spot a phishing attempt when you see one? Watch this "April Phools" edition of our MSP Live Chats series with special guest Connor Swalm, CEO of Phin Security, who showcased the latest tricks and tactics attackers are using to get victims on the hook. Don't miss OITVOIP CEO Ray Orsini, Lifecycle Insights' Alex Farling, and the rest of our panel as they played a high-stakes game of "spot the phish" on the LIVE event.

View Video

NinjaOne

Read more about April Phools' Phishing Challenge

CFEngine: The Agent Is In 11 - Infrastructure Hardening With CFEngine & Lynis

Mar 31, 2022 By CFEngine In CFEngine

"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.

View Video

CFEngine

Read more about CFEngine: The Agent Is In 11 - Infrastructure Hardening With CFEngine & Lynis

What is Red Teaming in Cyber Security? The Complete Guide

Mar 31, 2022 By Coralogix In Coralogix

Red teaming is the practice of asking a trusted group of individuals to launch an attack on your software or your organization so that you can test how your defenses will hold up in a real-world situation. Any organization reliant on software – including banks, healthcare providers, government institutions, or logistics companies – is potentially vulnerable to cyberattacks, such as ransomware or data exfiltration.

Read Post