Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Now that the sparkle and pop of the Fourth of July’s fireworks has subsided, it’s time for July’s open source vulnerabilities snapshot, your monthly overview of everything new in the always-evolving world of open source security.

We’re excited to announce the release of Teleport 4.3 - new UI, API driven, expanded audit capabilities, and still open source. This version is so significant, we nearly called it 5.0! In this post, we’ll cover the major new features and you’ll see why we called it ‘Teleport’.

This is a major Teleport release with a focus on new features, functionality, and bug fixes. It’s a substantial release and users can review 4.3 closed issues on Github for details of all items. We would love your feedback - please pick a time slot for a remote UX feedback session if you’re interested. Teleport 4.3 includes a completely redesigned Web UI.

Being a sysadmin basically means being a superhero. Fighting bad guys (aka hackers), helping ordinary people (aka users), saving your home (aka IT environment) from various disasters — it all sounds very heroic, but it’s just an average day in a sysadmin’s life. But superheroes can feel pain as well. Five years ago, we asked brave sysadmins to blow off some steam and complain about their suffering by letting us know what they really hate about their work.

As healthcare and life sciences organizations move to digitize their operations and automate their workflows, they are encountering new challenges related to HIPAA regulations, which dictate how patient information should be collected and stored.

The Splunk Security Research Team has been working on Kubernetes security analytic stories mainly focused on AWS and GCP cloud platforms. The turn has come now for some Azure Kubernetes security monitoring analytic stories. As outlined in my "Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk" blog post, when looking at Kubernetes security, there are certain items within a cluster that must be monitored.

Permissions, access controls, user rights, or privileges define what an identity can see or do in an organization. These terms are often used interchangeably based on context, and essentially perform the same function—granting or denying access to the resources in an enterprise.

It’s soon time for Summer vacation to begin, and we’ve asked our colleagues to share some of their summer learning tips for better security awareness.

How much do you really know about your open source usage? Can you identify what open source components you’re using? How about which licenses are in play and whether you’re compliant? Do you have a good sense of how many open source security vulnerabilities are in your code base and how to remediate them? Chances are, if you’re like most organizations, you can’t answer all of these questions.