%term

Production MySQL SSL with Teleport Machine ID

Jul 25, 2022 By Ben Arent In Teleport

In the first part of this blog post, we setup SSL/TLS for a MySQL database, using the built in self-signed certificates. The main problem using out of the box self-signed certificates is that clients can't verify that they're talking to the right database host, and it's not possible to verify the certificate chain. In this post we'll cover upgrading the client connection to VERIFY_IDENTITY and how to use Machine ID to continuously renew certificates.

Read Post

Teleport

Read more about Production MySQL SSL with Teleport Machine ID

Wet signatures cost more than you might think

Jul 25, 2022 By Rob Brown In DataTrails

Speaking to people on our neighbouring booths at the UK nuclear decommissioning event, it was clear to see the entire industry is drowning in paperwork.

Read Post

DataTrails

Read more about Wet signatures cost more than you might think

Ransomware report walkthrough

Jul 25, 2022 By Kovrr In Kovrr

View Video

Kovrr

Read more about Ransomware report walkthrough

Best practices for your first 30 days with Snyk

Jul 25, 2022 By Michele Wiedemer In Snyk

This post is applicable to Business plan and Enterprise plan customers. Adopting a new platform can seem intimidating, but with Snyk it doesn’t have to be. We have three tips to help you roll out Snyk, and have a seamless and successful first 30 days across your business or enterprise. Before you start inviting team members and importing projects, you’ll want to consider your account strategy, set up single sign-on (SSO), and configure your first organization.

Read Post

Snyk

Read more about Best practices for your first 30 days with Snyk

Which TLS version is obsolete?

Jul 25, 2022 By John Gates In CalCom

Transport Layer Security is a security protocol used for facilitating seamless and safe communication between servers and web browsers. Put it his way, TLS encrypts data so that only the intended recipient and the sender can access it. Currently, TLS 1.2 and TLS 1.3 are the most commonly used TLS versions. After some major upgrades, TLS’s 1.3 version has emerged as one of the most extensively used and the safest security protocols for websites that need a high-end encryption service.

Read Post

CalCom

Read more about Which TLS version is obsolete?

The 443 Podcast Episode 203 - USA's Answer to GDPR

Jul 25, 2022 By WatchGuard In WatchGuard

This week on the podcast, we discuss the current cyber skills gab and a federal program designed to help combat it. After that, we dive in to the American Data Privacy protection Act and what it potentially means if passed by US Congress. We end this week with a quick update on Microsoft's attempts to protect users from malicious macro-enabled documents. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Podcast Episode 203 - USA's Answer to GDPR

Want To Become A Red teamer? This Is What You Need To Know

Jul 25, 2022 By Trustwave In Trustwave

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.

Read Post

Trustwave

Read more about Want To Become A Red teamer? This Is What You Need To Know

CVE-2022-22280 - Critical SonicWall Vulnerability Impacting Analytics On-Prem and Global Management System Products

Jul 25, 2022 By Sule Tatar In Arctic Wolf

On Thursday, July 21, 2022, SonicWall disclosed a critical severity vulnerability – CVE-2022-22280 – impacting their Analytics On-Prem and Global Management System (GMS) products, which are used for central management and deployment of SonicWall firewalls, email security, remote access, and other solutions.

Read Post

Arctic Wolf

Read more about CVE-2022-22280 - Critical SonicWall Vulnerability Impacting Analytics On-Prem and Global Management System Products

Difference Between Black-Box Testing & White-Box Testing

Jul 25, 2022 By Harikrishna Kundariya In Appknox

A developer goes through different development and deployment rules for creating applications. Testing is an essential step in the development cycle. When it comes to software testing, many techniques need to be used from time to time. Yet the confusion around white, grey, and black testing techniques are most common among all software testing techniques. They often appear similar, yet the differences between them are very jarring.

Read Post

Appknox

Read more about Difference Between Black-Box Testing & White-Box Testing

Tackle cloud-native adoption and security hurdles with Coforge and Sysdig

Jul 25, 2022 By Durgesh Shukla In Sysdig

The desire to take advantage of the modern cloud-native paradigm has forced many enterprises to rush to production with Kubernetes and containerized applications. Often, the incorrect expectation with cloud-native adoption is that Ops teams would be able to easily transition their existing security and operational practices, workflows and tooling to these new software development platforms and everything would still work as before.

Read Post