%term

The "Great Cannon" Has Been Deployed Again

Dec 4, 2019 By Chris Doman In AT&T Cybersecurity

Summary The Great Cannon is a distributed denial of service tool (“DDoS”) that operates by injecting malicious Javascript into pages served from behind the Great Firewall. These scripts, potentially served to millions of users across the internet, hijack the users’ connections to make multiple requests against the targeted site. These requests consume all the resources of the targeted site, making it unavailable.

Read Post

AT&T Cybersecurity

Read more about The "Great Cannon" Has Been Deployed Again

What is Fileless Malware?

Dec 4, 2019 By Tripwire In Tripwire

Did you know cybercriminals don't need to place malware on your system to get in? Travis Smith, Principal Security Researcher at Tripwire, explains how fileless malware works and how to defend against it.

View Video

Tripwire

Read more about What is Fileless Malware?

PSA: Beware of Exposing Ports in Docker

Dec 4, 2019 By Ben Meyer In Tripwire

Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a great way to ship a reliable software environment between systems or even to customers. However, like with any technology, one must know how to be secure when using it.

Read Post

Tripwire

Read more about PSA: Beware of Exposing Ports in Docker

Open Policy Agent in Practice: From Angular to OPA in Chef Automate

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Michael Sorens from Chef discusses how OPA provides granular authorization within applications:

View Video

Styra

Read more about Open Policy Agent in Practice: From Angular to OPA in Chef Automate

Open Policy Agent at Scale: How Pinterest Manages Policy Distribution

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Jeremy Krach and Will Fu discuss how OPA policies are authored, distributed, and utilized at Pinterest (service mesh, kafka, internal tools). They also cover lessons learned in the process.

View Video

Styra

Read more about Open Policy Agent at Scale: How Pinterest Manages Policy Distribution

TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Luke Massa from TripAdvisor discusses how he leveraged OPA’s API and unit test framework. The example shown is a system in which you write k8s admission policy alongside some mock changes to the cluster, some of which should be accepted and some of which should not be, and then run code that tells you whether your policy matches your expectation.

View Video

Styra

Read more about TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes

17 Ransomware Examples

Dec 4, 2019 By Abi Tyas Tunggal In UpGuard

Ransomware, a type of malicious software or malware, is designed to deny access to computer systems or sensitive data until ransom is paid. While ransomware has been around for decades, ransomware attacks are becoming more sophisticated, spreading through phishing emails, spear phishing, email attachments, vulnerability exploits, computer worms and other attack vectors.

Read Post

UpGuard

Read more about 17 Ransomware Examples

Deploying Open Policy Agent at Atlassian

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Chris Stivers and Nicholas Higgins from Atlassian walk through their journey building a global authorization platform with Open Policy Agent and the help of Fluentd, S3, CDN's, Amazon Kinesis, and many more.

View Video

Styra

Read more about Deploying Open Policy Agent at Atlassian

Open Policy Agent for Policy-enabled Kubernetes and CICD

Dec 4, 2019 By Styra In Styra

From the Open Policy Agent Summit at KubeCon, Jiummy Ray from CapitalOne discusses how you can satisfy compliance, governance, and security requirements effectively with OPA.

View Video

Styra

Read more about Open Policy Agent for Policy-enabled Kubernetes and CICD

The New Sumo Logic AWS Security Quick Start

Dec 3, 2019 By Sourabh Jain, Ankit Goel, Duc Ha and Rishi Divate In Sumo Logic

Security is a top concern for any enterprise to move their applications and workloads to the public cloud. AWS offers a broad selection of native security tools and as our Continuous Intelligence Report noted, AWS customers are using several of these to improve the security of their AWS environment. However, it can be overwhelming to know where to start and how to deploy best practices for detecting security misconfigurations caused by human errors and attacks from external sources.

Read Post