Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Wishes Do Come True: Fast Development, Secure Delivery

Dec 16, 2020 By Snyk In Snyk
Organizations re-thinking their software delivery lifecycle are faced with a dilemma: how to speed up the pace of development necessary to surpass their competition, without sacrificing the security of the applications they’re delivering? CI/CD practices and tools have risen up to help meet this need, but fitting legacy applications and security tools into these modern pipelines exposes new gaps that risk slowing release velocity.
View Video

Introducing Teleport Cloud | Access Management SaaS | Servers - Clusters - Applications

Dec 16, 2020 By Teleport In Teleport
Teleport Cloud allows you to secure access to your servers, Kubernetes clusters, and Web applications while leaving the operation of your Unified Access Plane to the experts at Teleport. You can still control access to your compute resources anywhere else in the cloud, plugin approval workflows, and use your choice of SSO identity provider. But now you can get your security deployed faster, and you have peace of mind knowing Teleport is continually patched, monitored, and maintained for you.
View Video
sumologic

Recommendations for monitoring SolarWinds supply chain attack with Sumo Logic Cloud SIEM

Dec 16, 2020 By Sourabh Bhosale and Paul Sheck In Sumo Logic
The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.
Read Post
upguard

How to Select a Third-Party Risk Management Framework

Dec 16, 2020 By Abi Tyas Tunggal In UpGuard

For many businesses, global third-party vendors have become an important source of strategic advantage and business value. Yet outsourcing is not without its risks. As reliance on third-parties continues to grow, so does the number of headline stories of regulatory action and reputational damage that arise from third-party breaches or failure. Those driving organizations need to reconsider how they approach, identify and manage third-party risk.

Read Post
upguard

How to Secure Apache Tomcat 8 in 15 Steps

Dec 16, 2020 By UpGuard Team In UpGuard

Apache Tomcat is the leading Java application server by market share and the world's most widely used web application server overall. Currently at version 8, the popular web server has not been without its security flaws, perhaps most famously publicized in this incident of aircraft hacking by security researcher Chris Roberts earlier this year. However, hardening Tomcat's default configuration is just plain good security sense—even if you don't plan on using it on your plane's network.

Read Post
veracode

Defense in Depth: Why You Need DAST, SAST, SCA, and Pen Testing

Dec 16, 2020 By Laura Paine In Veracode

When it comes to application security (AppSec), most experts recommend using Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) as “complementary” approaches for robust AppSec. However, these experts rarely specify how to run them in a complementary fashion.

Read Post

How to Enable Detection Rules via Elastic Security - Version 7.10

Dec 16, 2020 By Elastic In Elastic
The detection engine brings automated threat detection to the Elastic Stack through the Security app in Kibana. As part of our belief in the power of open-source, Elastic Security has open sourced all our detection rules to work alongside the security community to stop threats at scale and arm every analyst. In this video, you’ll learn more about the detection engine and how to automate the protection of your data.
View Video
lookout

Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users

Dec 16, 2020 By Apurva Kumar In Lookout

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan. The spyware, which we have named Goontact, targets users of illicit sites, typically offering escort services, and steals personal information from their mobile device. The types of sites used to distribute these malicious apps and the information exfiltrated suggests that the ultimate goal is extortion or blackmail.

Read Post
tripwire

5 Key Security Challenges Facing Critical National Infrastructure (CNI)

Dec 16, 2020 By Emanuel Ghebreyesus In Tripwire

Digital threats confronting Critical National Infrastructure (CNI) are on the rise. That’s because attackers are increasingly going after the Operational Technology (OT) and Industrial Control Systems (ICS) that shareholders use to protect these assets.

Read Post
inetco

Maximize Card Profitability and Sleigh Payment Fraud Attacks with Transaction Intelligence

Dec 16, 2020 By Laura Fear In INETCO

It’s a busy season for card issuers, card networks and payment service providers. Transaction and purchase volumes are rising across mobile and online channels — with Black Friday and Cyber Monday e-commerce sales up 15% from last year. Despite this holiday season’s resilient e-commerce sales, organizations must continue to find ways to maximize transactions and card profitability in the face of reduced in-store purchase volumes, interest margins, fees and interchange revenues.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.