ICMAD SAP Vulnerability (CVE-2022-22536) - Critical Risk

SAP stands for Systems, Applications and Products in Data Processing. It is the market leader in ERP software, helping some of the biggest names in the business. The application tier is often the heart of the entire SAP ERP system, looking after interfacing with other apps, transactions, jobs, reporting and database access.

Navigating Change Results - The CISO and CTO View

The results are in: diverse approaches, but consistent cost savings. Our latest research shows European CIO and CISO intentions and practices at a time of huge security and networking change. See the key findings, dig into the results and hear analysis of what it all means directly from our EMEA CISO Neil Thacker and Vice President, Sales Engineering, EMEA/LATAM, Andy Aplin. What does network and security transformation mean in practice for teams, budgets, skills and suppliers? View our video & infographic for the key headlines – then request our Ebook for the full picture.

Security implications of Kubernetes Operators

Managing resources in early versions of Kubernetes was a straightforward affair: we could define resources with YAML markup and submit these definitions to the cluster. But this turned out to require too much manual work, and at too low of a level. The next step in the evolution of Kubernetes was to use Helm charts. Sometimes called “the package manager for Kubernetes,” Helm allowed developers to share entire application setups using a templating language.

Privileged Account and Session Management: How To Deploy It

The more access rights an employee has, the more possibilities they have to misuse or abuse privileges. According to the ENISA Threat Landscape 2021 report, a third of surveyed organizations suffered from privilege abuse by insiders during the period from April 2020 through July 2021. That’s why establishing an appropriate level of privileged account management plays a significant role in ensuring your organization’s cybersecurity.

How to interpret your Detectify score

Detectify is aiming to make security understandable and easy to work with. That is why we visualize your security status in several ways in the tool: You can track the progress over time and your Threat Score gives you an instant security level ranking. In the blog post, we will focus on how you should interpret and work with your Threat Score.

OT Vulnerability Management: A Risk-Based Approach

The number of missing security patches in an OT system is typically very large—measured in the thousands, at least. It would be difficult and expensive for an asset owner to evaluate each missing security patch / cyber asset pair. This may be one reason we see a patch-everything approach, but this is also difficult and expensive. In fact, assessments show this is rarely done even where required by policy.

Upgrade From Whitelist Profiler to Tripwire State Analyzer

If you’re a Tripwire® Whitelist Profiler customer, then you know that the software does an excellent job of executing its core functionalities. These include comparing the running state of a machine to the approved and expected configurations in your environment to stay in compliance with audit and internal policies. Although Whitelist Profiler is proficient in this regard, that doesn’t mean it can’t be improved in other capacities such as ease of use.

Zero Trust for State and Local Government

The cybersecurity threat landscape is shifting rapidly. More than 400 ransomware attacks have hit city and county governments in the United States since 2016, crippling vital government services for weeks at a time. Those are only the publicly reported instances – the actual number is likely exponentially higher, and these attacks are growing increasingly sophisticated. Meanwhile, high-profile threats to dams, electrical grids and other facilities, including the Colonial Pipeline attack this year, have shown the vulnerability of America’s critical infrastructure.