Operations | Monitoring | ITSM | DevOps | Cloud

Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.

Earlier this month, security researchers at Promon, a Norwegian firm that specializes in in-app security, uncovered a unique vulnerability in Android devices that allows malicious apps to masquerade as legitimate apps and prompt for intrusive permissions that allow them to: Listen to the user through the microphone, Take photos using the camera, and a lot more.

Today marks a new milestone for CFEngine, with the release of the new CFEngine 3.15.0 LTS. This is the newest Long Term Supported CFEngine series, introducing a lot of great stuff. The biggest new feature in CFEngine 3.15 is Federated Reporting, which we will cover later in this blog post, but there are many other new improvements as well. If you are interested to learn more, schedule training, or hear about pricing options, feel free to reach out to us!

“How do I enable GitOps for my network security policies?” This is a common question we hear from security teams. Getting started with Kubernetes is relatively simple, but moving production workloads to Kubernetes requires alignment from all stakeholders – developers, platform engineering, network engineering, and security. Most security teams already have a high-level security blueprint for their data centers.

As attackers continue to evolve and advance their techniques, tactics, and procedures (TTPs), it is crucial for enterprise organizations to deploy necessary countermeasures and defenses to secure their networks. Elastic Security provides an endpoint protection platform (EPP) with some of the most advanced and effective endpoint protections and preventions on the market today.

Any system connected to the Internet is vulnerable to malicious attacks and breaches. If it’s online, there’s someone out there trying to break into it and do something bad with it (usually stealing data). Plain and simple. To protect your most valuable assets, you need bulletproof security measures, a skilled SecOps team, robust investigation tools, and reliable prevention/mitigation strategies.

Cybersecurity is a hot topic. With high profile breaches making headlines on almost a monthly basis, combined with a far more restrictive regulatory environment, the need to responsibly protect your customers’ data has never been felt more keenly. It is estimated that a business is subjected to a ransomware attack every 14 seconds, predicted to drop to eleven seconds by 2021.

In the current digital era, enterprises across the world heavily rely on information systems for day-to-day operations and for accessing business-related data. In essential institutions, such as banking and financial, health, and government, protecting information is critical and any security mishap could disrupt daily operations. The intention of attackers is to either deny services until a ransom is paid or breach security to gain access to critical information.