Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk, since you’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and—most importantly—learn how to avoid or fix it.

From day one, most organizations,especially the big ones, are targeted with a broad range of attacks. These range from information exfiltration attempts to fraud. Although a great majority of them can be addressed with the help of a Web Application Firewall, there are some that require more extensive tooling. Join me as I show you how we use Sherlock and Datadog to block 30,000+ fraudulent users per week in seconds. We will also discuss other applications and how you can implement similar solutions.

This policy setting determines whether the LDAP server requires LDAP clients to negotiate data signing. Using the default configuration of this value allows LDAP clients to communicate with Active Directory in an insecure fashion.

In Devo’s role-based security scheme, shared Activeboards are domain resources that can be assigned to selected roles with permissions for viewing and managing them.

In the latest installment of the ManageEngine Insights' podcast, enterprise analyst John Donegan sits down with Andy Bates, the executive director of the Global Cyber Alliance. An expert in the field of cybersecurity, Bates discusses current IT security trends, attack vectors, crime deterrents, and other emerging issues, such as biometrics and blockchain technologies. Bates also addresses user psychology as it relates to IT security, as well as some of the silver linings of the COVID pandemic.

Find out in this recorded session with a White Hat hacker Liam Cleary how your Microsoft Teams environment can be compromised — and how you can defend yourself.

How much time are you spending manually parsing and sorting event logs? With EvtxECmd, digital forensics professionals can optimize Windows event log analysis through its unique mapping feature. Created by Eric Zimmerman, EvtxECmd can be called via the EZParser module in KAPE (another tool created by Eric Zimmerman) to process thousands of events in seconds and create structured CSV files that are much easier to read and manipulate.

https://goteleport.com/docs/openssh-teleport/

Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.