Operations | Monitoring | ITSM | DevOps | Cloud

Congress set the stage for IT modernization across the federal government by passing the Modernizing Government Technology (MGT) Act, allowing agencies to apply for a loan from the Technology Modernization Fund (TMF) to update their legacy systems. The theory states, with access to TMF funds, agencies can now improve innovation, enhance efficiencies, and strengthen their security postures.

On July 14, 2020, Microsoft released a security update related to a remote code execution (RCE) and denial of service (DoS) vulnerability (CVE-2020-1350) in Windows DNS Server (2003 - 2019).

Our team recently discovered an exposed endpoint without authentication enabled, though we know it had previously been required. The root cause was a missing configuration as a result of a recent upgrade a few weeks earlier, and was easy to fix by simply enabling the configuration parameter correctly. We needed a way to catch this type of issue quickly going forward, for this and for other public endpoints, which should be secure by default. Here is how we solved it.

Don’t miss out on these 12 image scanning best practices, whether you are starting to run containers and Kubernetes in production, or want to embed more security into your current DevOps workflow. One of the main challenges your teams face is how to manage security risk without slowing down application delivery. A way to address this early is by adopting a Secure DevOps workflow.

A Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to the distribution of malware. Whilst blocking attacks is important, it is also useful to be notified of attacks when they happen. A breach could bring your organization to a halt — from broken webpages to data breaches.

Auth0 is one of the top leading identity management platforms in the world. It’s focused on providing solutions for application builders, specifically solutions needed for custom-built applications. Auth0 provides expertise to scale and protect identities in any application, for any audience. This post will show you how Coralogix can provide analytics and insights for your Auth0 log data – including performance and security insights.

Cybersecurity has been a core issue in business management and growth. As businesses try to manage more remote teams, it’s important now more than ever. With technology becoming an integral part of our everyday lives, we’re exposed to an ever-growing risk of cyber-attacks and malicious technological crimes. According to a recent study, on average, hack attacks occur every 39 seconds. That is, one in three Americans is a victim of cybercrime every year.