%term

Overcoming the 3 biggest challenges in system hardening

May 16, 2022 By John Gates In CalCom

As delivered from the manufacturer, your network systems’ default configurations are often function-oriented rather than security-oriented. Changing the system’s default configuration to a more secure form is what we refer to as system hardening.

Read Post

CalCom

Read more about Overcoming the 3 biggest challenges in system hardening

How to Configure Single Sign-On (SSO) for Amazon RDS Access

May 13, 2022 By Janakiram MSV In Teleport

This blog is part two of a series about identity-aware access for Amazon RDS. In Part I, we covered how to use OSS Teleport to access Amazon RDS instances running in private subnets. In Part II, we will guide you through the steps to configure single sign-On (SSO) for Amazon RDS with Okta, SAML and Teleport.

Read Post

Teleport

Read more about How to Configure Single Sign-On (SSO) for Amazon RDS Access

(SBOM) Creation of your Software Bill of Materials

May 13, 2022 By JFrog In JFrog

Because of growing software supply chain cyber-attacks and incidents like Log4J, tracking your Software Bill of Materials has become essential. It’s a list of the “ingredients” that make up a piece of software. SBOMs are used by software producers to manage components, software buyers to assess security and compliance, and operators to monitor risks and threats. SBOMs are required by military, and government agencies and will likely become the norm, especially in highly regulated industries. Documenting and reporting your SBOM will become a universal best practice.

View Video

JFrog

Read more about (SBOM) Creation of your Software Bill of Materials

`npm init JSQuiz` The JS trivia night where you can win prizes!

May 12, 2022 By Snyk In Snyk

Hey there friends of JS! Now tell me... do you think you could be a master of JS? Maybe you’re also a local legend of trivia night? Even if you’re neither of those things… Come and have a blast with us LIVE, and win some awesome prizes!! Join us on May 11 for a live trivia game hosted by @snyksec and @BrisJS, Test your JavaScript and Node.js knowledge for a fun-filled evening. Swag, giveaways and bragging rights included!

View Video

Snyk

Read more about `npm init JSQuiz` The JS trivia night where you can win prizes!

Snyk Security for Atlassian Bitbucket Cloud Demo

May 12, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. In this video, you'll learn how to get started with Snyk using Atlassian Bitbucket Cloud.

View Video

Snyk

Read more about Snyk Security for Atlassian Bitbucket Cloud Demo

Capture the Flag 101

May 12, 2022 By Snyk In Snyk

Learn how to participate in a capture the flag (CTF) challenge with a hands-on JS demo hosted by Micah Silverman, Kyle Suero and Brian Clark.

View Video

Snyk

Read more about Capture the Flag 101

Identity-Based Data Security on AWS

May 12, 2022 By Teleport In Teleport

Speakers: Dave Cole, CEO of Open Raven Ev Kontsevoy, CEO of @Teleport Modern data drives business value. But the speed with which it is created and accessed across a global AWS footprint increases risk considerably. The old ways of securing data – VPNs, shared credentials stored in a secure vault, offsite backups – are no longer sufficient and don't work at cloud-scale. Join Teleport CEO Ev Kontsevoy and Open Raven CEO Dave Cole as they present a practical view of modern data security in two parts.

View Video

Teleport

Read more about Identity-Based Data Security on AWS

Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning

May 12, 2022 By Maciej Mensfeld In Mend

It’s been a bad month for RubyGems vulnerabilities. Critical CVE-2022-29176 was issued May 8, 2022, and another critical CVE-2022-29218 was discovered less than a week later, on May 11. This new vulnerability would allow for a takeover of new versions of some platform-specific gems under certain circumstances.

Read Post

Mend

Read more about Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning

Terraform & Keeper Secrets Manager: Better Together

May 12, 2022 By Craig Lurey In Keeper

Terraform is a very popular infrastructure-as-code (IAC) tool that enables DevOps teams to deploy and manage infrastructure such as servers, containers and databases. Since Keeper Secrets Manager supports record creation through Terraform, you can secure infrastructure secrets using your Keeper Vault. This feature, combined with existing credential read functionality, makes it possible to maintain your credentials’ full lifecycle using Keeper and Terraform.

Read Post

Keeper

Read more about Terraform & Keeper Secrets Manager: Better Together

NIST Free security assessment tool

May 11, 2022 By John Gates In CalCom

The National Institute of Standards and Technology (NIST) has issued a PDF of a cybersecurity self-assessment tool. The Baldrige Cybersecurity Excellence Builder v1.1 2019 is a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts.

Read Post

CalCom

Read more about NIST Free security assessment tool

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Overcoming the 3 biggest challenges in system hardening

How to Configure Single Sign-On (SSO) for Amazon RDS Access

(SBOM) Creation of your Software Bill of Materials

`npm init JSQuiz` The JS trivia night where you can win prizes!

Snyk Security for Atlassian Bitbucket Cloud Demo

Capture the Flag 101

Identity-Based Data Security on AWS

Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning

Terraform & Keeper Secrets Manager: Better Together

NIST Free security assessment tool

Monthly Archive

Follow Us