Operations | Monitoring | ITSM | DevOps | Cloud

We’re pleased to announce the debut of ManageEngine Application Control Plus, an application whitelisting, blacklisting, and privilege management solution. IT operations could come to a standstill if applications suddenly ceased to exist, but applications can be considered double-edged swords. As important as applications are, they also form the largest threat vectors in any network.

the k8s-security-configwatch GitHub Action, an open source tool from Sysdig, secures your GitOps workloads by detecting changes on your Kubernetes security configuration.

From maintaining electronic health records and generating medical reports, to carrying out robot-assisted surgeries and setting up online doctor-patient communication portals, the healthcare industry is becoming increasingly reliant on technology to effectively carry out day-to-day operations. While incorporating advanced technology assists healthcare professionals in providing better care for patients, it also increases the attack surface for cybercriminals looking to exploit sensitive data.

Threat intelligence feeds are a critical part of modern cybersecurity. Widely available online, these feeds record and track IP addresses and URLs that are associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware and more. Open source threat intelligence feeds can be extremely valuable—if you use the right ones. While these collections are plentiful, there are some that are better than others.

Yesterday, we sent out notifications to all our clients that are affected by the Let's Encrypt mass revocation of SSL certificates. In this post, we'll share the details how we found those certificates. Now, the morning after, we're well rested and in good shape to do a proper write-up on the matter.

Hello, security enthusiasts! This is part seven (can you believe it?) of the Elastic SIEM for home and small business blog series. If you haven’t read the first six blogs in the series, you may want to before going any further. In the prerequisite blogs we created our Elasticsearch Service deployment (part 1), secured access to our cluster by restricting privileges for users and Beats (part 2), then we created an ingest pipeline for GeoIP data and reviewed our Beats configurations (part 3).

In 2019, Cyber Defense Magazine named ManageEngine a Next Gen vendor in Unified Endpoint Management at IP EXPO in London, and then again at RSA Conference 2020 in San Francisco. Cyber Defense Magazine recognized ManageEngine in its 2020 InfoSec Awards for the features, capabilities, and value it delivers, along with its market presence.

The team at Let's Encrypt, the free certificate authority, has identified an issue that might have lead to unauthorized certificate issuance. Because it's hard to determine which sites have been abused, they have no other choice but to revoke all certificates that may have been maliciously issued. The result is a massive 3,048,289 certificates that will be revoked within the next 24 hours. We've just finished alerting all our users that are affected by this.

We are excited to announce the general availability of Calico Enterprise 2.7. With this release, Fortinet’s 400,000 customers can use FortiGate to enforce network security policies into and out of the Kubernetes cluster as well as traffic between pods within the cluster.