Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The Facebook data breach that affects over 533 million users explained

Apr 13, 2021 By StatusCake Team In StatusCake

If you’re a Facebook user, brace yourself for this one. It’s recently come to light that 533 million Facebook users’ details were found on a very suspicious hacker forum. The details found include users’ phone numbers, Facebook IDs, full names, locations, birthdays, and email addresses – all typical information that is stored on a Facebook account.

Read Post

StatusCake

Read more about The Facebook data breach that affects over 533 million users explained

Assessing the cybersecurity landscape

Apr 12, 2021 By ManageEngine In ManageEngine

In the latest installment of the ManageEngine Insights' podcast, enterprise analyst John Donegan sits down with Andy Bates, the executive director of the Global Cyber Alliance. An expert in the field of cybersecurity, Bates discusses current IT security trends, attack vectors, crime deterrents, and other emerging issues, such as biometrics and blockchain technologies. Bates also addresses user psychology as it relates to IT security, as well as some of the silver linings of the COVID pandemic.

View Video

ManageEngine

Security

Read more about Assessing the cybersecurity landscape

Continuous integration that you can trust: announcing SOC 2 certification

Apr 12, 2021 By Rob Zuber In CircleCI

At CircleCI, we care about security - in 2018, we became the first CI/CD tool to meet the rigorous security and privacy standards required by government agencies to get FedRAMP authorized. Now, CircleCI is SOC 2 certified, adding another industry-recognized security accreditation.

Read Post

CircleCI

Read more about Continuous integration that you can trust: announcing SOC 2 certification

IAM Policies: Good, Bad & Ugly

Apr 12, 2021 By Chase Douglas In Stackery

In my last post we looked at the structure of AWS IAM policies and looked at an example of a policy that was too broad. Let's look at a few more examples to explore how broad permissions can lead to security concerns. By far the most common form of broad permissions occurs when policies are scoped to a service but not to specific actions.

Read Post

Stackery

Read more about IAM Policies: Good, Bad & Ugly

Microlesson: How are Insights Created?

Apr 9, 2021 By Sumo Logic In Sumo Logic

Learn how Sumo Logic's Cloud SIEM Enterprise clusters log data into actionable security Insights.

View Video

Sumo Logic

Read more about Microlesson: How are Insights Created?

Splunk SOAR Playbooks: Azure New User Census

Apr 9, 2021 By Splunk In Splunk

Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.

View Video

Splunk

Read more about Splunk SOAR Playbooks: Azure New User Census

AppDynamics with Cisco Secure Application Demo

Apr 9, 2021 By AppDynamics In AppDynamics

See how you can protect your business-critical applications with Cisco Secure Application. Built in collaboration with Cisco Security, Secure Application simplifies vulnerability management, blocks attacks in real-time, and creates a shared context for App and Security teams. Maximize uptime and performance while minimizing risk with Secure Application.

View Video

AppDynamics

Read more about AppDynamics with Cisco Secure Application Demo

Run confidently with secure DevOps

Apr 8, 2021 By Sysdig In Sysdig

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.

View Video

Sysdig

Read more about Run confidently with secure DevOps

Taking Automation Beyond the SOC With Advanced Network Access Control

Apr 8, 2021 By Kelly Huang In Splunk

Security orchestration, automation and response (SOAR) tools are most commonly known for automating manual security operations processes in order to expedite security investigations or cyber response. For instance, Splunk’s SOAR technology, Splunk Phantom, is most commonly used to automate alert triage, phishing investigation and response, threat hunting and vulnerability management.

Read Post

Splunk

Read more about Taking Automation Beyond the SOC With Advanced Network Access Control

Web Access Control Redefined

Apr 7, 2021 By Johannes Meyer In Icinga

One of the focuses of version 2.9 of Icinga Web 2 will be on access control. For years on now, Icinga Web 2 had a very simple role based access control (RBAC) implementation. This suited most of our users fine. However, there were still some requests to enhance this further. The next major update of Icinga Web 2 (Version 2.9) and Icinga DB Web will allow users to configure exactly this.

Read Post