4 Key Elements of A Good Cyber Hygiene
Here are 4 simple ways to take care of your organization’s cyber hygiene.
Top Recent Third-Party Breaches
The average company can’t do business without their third parties. Vendors, suppliers, partners, distributors, and contractors — third parties make it so much simpler to build, distribute and sell a product or service.
WTF is Open Source
Are you looking to join an existing open source project, but don’t know where to start? Interested in finding out more about open source software in general? Looking to start a personal project but don’t know what to base it on? If the answer is yes, this event could be for you. We will be hosting a panel discussion with amazing leaders within the OS space. They will share everything from how they got involved, what they are working on at the moment as well as share any tips and tricks they learnt along the way.
Protestware is trending in open source: 4 different types and their impact
A few days ago, Snyk reported on a new type of threat vector in the open source community: protestware. The advisory was about a transitive vulnerability — peacenotwar — in node-ipc that impacted the supply chain of a great deal of developers. Snyk uses various intel threat feeds and algorithms to monitor chatter on potential threats to open source, and we believe this may just be the tip of a protestware iceberg.
SOARs vs. No-Code Security Automation: The Case for Both
Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.
Your Current Endpoint Security May Be Leaving You with Blind Spots
Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries used file-based malware to carry out attacks, and it was relatively easy to stop them with signature-based defenses. Modern threat actors have a much wider variety of tactics, techniques and procedures (TTPs) at their disposal.
Threat-Based Methodology: Configuration Settings
This is the second post in the Threat-Based Methodology series. The first post introduced Threat-Based Methodology and the analysis conducted by the FedRAMP PMO and NIST. That post concluded with a list of the top seven controls based on their Protection Value. This post will explore CM-6 in greater depth and explain how Devo supports the ability to meet this control. CM-6, Configuration Settings, was determined to provide the most Protection Value with a score of 208.86.
Getting Started with Kubernetes Ingress
Kubernetes Ingress is one of today’s most important Kubernetes resources. First introduced in 2015, it achieved GA status in 2020. Its goal is to simplify and secure the routing mechanism of incoming traffic to your defined services. Ingress allows you to expose HTTP and HTTPS from outside the cluster to your services within the cluster by leveraging traffic routing rules you define while creating the Ingress.
Falcon Complete: A Pioneer in MDR
Stop breaches with an MDR that stays one step ahead of today’s sophisticated adversaries. With 24/7 proactive threat hunting and hands-on surgical remediation, CrowdStrike Falcon Complete owns the entire lifecycle of an incident.