%term

How Atlassian used Snyk to solve Log4Shell

Nov 16, 2022 By Sarah Conway In Snyk

Snyk recently launched a multi-day live hack series with AWS, where experts demonstrated exploits in real-time and explained how to defend against those vulnerabilities. This series helped viewers discover new ways to improve security across the application stack for AWS workloads. As part of the series, Micah Silverman (Director of Developer Relations, Snyk) and Chris Walz (Senior Security Engineer, Atlassian) discussed Log4Shell.

Read Post

Snyk

Read more about How Atlassian used Snyk to solve Log4Shell

Payette Fends off Cyber Breach with Rubrik Security Cloud

Nov 16, 2022 By Rubrik In Rubrik

Payette, the award-winning architecture firm behind iconic buildings of Harvard University, Boston Children's Hospital, MIT, and more, successfully fended off a potentially crippling ransomware attack. With Rubrik Security Cloud, the hacker never even had the opportunity to deliver a ransom note and the firm had critical systems back online in less than 24 hours.

View Video

Rubrik

Read more about Payette Fends off Cyber Breach with Rubrik Security Cloud

SecurityScorecard Enables Cyber Insurers to Shift from Static to Dynamic Loss Control

Nov 16, 2022 By Gian Calvesbert In SecurityScorecard

It’s no secret that loss control programs are essential for cyber insurance. Unlike other forms of insurance where the risk and assets don’t change much during a policy term, cyber insurance is meant to mitigate a constantly evolving risk and cover organizations whose security posture is always changing. A cyber insurance policy could be priced completely differently today compared to a few weeks or months later.

Read Post

SecurityScorecard

Read more about SecurityScorecard Enables Cyber Insurers to Shift from Static to Dynamic Loss Control

Best practices for Kubernetes Secrets management

Nov 16, 2022 By Eric Kahuha In Snyk

Kubernetes uses secret objects, called Secrets, to store OAuth tokens, secure shell (SSH) keys, passwords, and other secret data. Kubernetes Secrets allow us to keep confidential data separate from our application code by creating it separately from pods. This segregation, along with well-formed role-based access control (RBAC) configuration, reduces the chances of the Secret being exposed — and potentially exploited — when interacting with pods, thereby increasing security.

Read Post

Snyk

Read more about Best practices for Kubernetes Secrets management

Extend endpoint visibility with Google Chrome and Splunk security

Nov 16, 2022 By Splunk In Splunk

Ever wondered how to find bad actors using only browser data? Attend this session to get a deeper understanding of the integration between Google Chrome and Splunk. See how to ingest data, and use it for threat hunting and adversarial identification. Speaker: James Young - Staff Security Strategist.

View Video

Splunk

Read more about Extend endpoint visibility with Google Chrome and Splunk security

SAST - All About Static Application Security Testing

Nov 16, 2022 By Ayala Goldstein In Mend

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future. Contents hide 1 What Is SAST? 2 Why do we need SAST? 3 What problems does SAST address? 4 How does SAST work?

Read Post

Mend

Read more about SAST - All About Static Application Security Testing

Threat Actor of the Month - Sodinokibi

Nov 16, 2022 By Outpost 24 In Outpost 24

Meet "Sodinokibi" this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat

Read Post

Outpost 24

Read more about Threat Actor of the Month - Sodinokibi

CRN Names WatchGuard to the 2022 Edge Computing 100 list

Nov 16, 2022 By The Editor In WatchGuard

WatchGuard has been recognized by CRN in the 2022 Edge Computing 100 list in the Security category. This prestigious list highlights leading technology innovators that supply channel partners with next-generation edge technologies that allow businesses to capture, process, and use data in more intelligent ways. The categories recognized in this list include Edge Hardware, Software and Services; IoT and 5G Edge Services; and Security.

Read Post

WatchGuard

Read more about CRN Names WatchGuard to the 2022 Edge Computing 100 list

How Patching Thwarts Cyber Attackers

Nov 16, 2022 By SecurityScorecard In SecurityScorecard

At SecurityScorecard, we analyzed open vulnerabilities across the entire Internet. Here are some of our shocking discoveries: Furthermore, on average, it takes these organizations a year to fix 50% of the vulnerabilities. That's why hackers often have the upper hand. Solution? Build a mature program that: Got questions? Let me know in the comments below. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

View Video

SecurityScorecard

Read more about How Patching Thwarts Cyber Attackers

How to Deploy the Kubernetes Dashboard

Nov 16, 2022 By Ben Hirschberg In ARMO

Kubernetes clusters consist of multiple resources and API objects interacting dynamically—which typically makes cluster management via the CLI overwhelming. Kubernetes Dashboard was built to simplify cluster operations by providing a unified, human-friendly interface. The web-based dashboard enables cluster operators to deploy applications, access running workloads, and correlate logs with cluster events. This article demonstrates how to install and use Kubernetes Dashboard.

Read Post