upguard

What is Shadow IT? When Staff Revolt Against the IT Department

Jul 27, 2022 By Catherine Chipeta In UpGuard

Shadow IT includes any unsanctioned apps or hardware used by employees that fall outside of those managed by the IT department (sanctioned apps). Shadow IT is often used as a workaround to functionality or usability gaps created by an organization’s known IT resources. Large organizations have multiple departments with widely differing information technology (IT) needs.

Read Post

[Webinar] Detecting intrusion in DevOps environments with AWS canary tokens

Jul 27, 2022 By GitGuardian In GitGuardian
Last year, hardcoded secrets made it 2nd to the OWASP Top 10 Web Application Security Risks. This year, the vulnerability gained a spot and now ranks 15th on the MITRE CWE Top 25 Most Dangerous Software Weaknesses. Needless to say, no organization wants to have its secrets exposed during software development. But what if I told you security teams could use hardcoded secrets to their advantage? Join me on Wednesday, July 27th, for a live discussion with Eric Fourrier, CTO at GitGuardian, on how to detect compromised developer and DevOps environments with canary tokens.
View Video

SANS 2022 Threat Hunting Survey - Hunting for a Standard Methodology for Threat Hunting Teams

Jul 27, 2022 By Corelight In Corelight
We’ll also look at the past two years to see if global economic impacts have caused any industry changes that give us cause to rethink our approach to threat hunting.. Key topics will include operationalizing threat hunting, innovative threat hunting tactics and techniques, and new tools that can help threat hunting for both endpoints and networks.
View Video
upguard

Meeting the 3rd-Party Risk Requirements of The NY SHIELD Act

Jul 27, 2022 By Edward Kost In UpGuard

The Stop Hacks and Improve Electronic Data Security (SHIELD) Act is designed to protect the personal data of all New York residents. This act broadens the data privacy and protection standards stipulated in the Gramm-Leach-Bliley Act (GLBA) and the New York Department of Financial Services (NYDFS). What makes this particular data protection law unique is its inclusion of biometric information, usernames, and passwords in the category of personal information.

Read Post
teleport

What's New in Teleport 10

Jul 27, 2022 By Sakshyam Shah In Teleport

This post introduces all the features released in Teleport 10. Teleport 10 includes version 10.0, 10.1, 10.2 and 10.3. You can always find an up-to-date status of Teleport releases in our docs. Teleport 10 is the biggest release so far in the history of Teleport in terms of feature sets. Before we dive into all the Teleport 10 features, let me first introduce you to...

Read Post
teleport

How to Access Infrastructure Without Usernames and Passwords

Jul 27, 2022 By Ev Kontsevoy In Teleport

A password is a secret, and a secret can be lost, stolen or traded on dark web marketplaces. Most engineers know this, that’s why every SSH tutorial begins with the instructions for disabling passwords and enabling private/public key pairs. But a private key is just another form of a secret. In this article, I will try to explain why all forms of secrets are bad for you.

Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.