Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Team-Centric View of Security with Snyk and CloudBees

Jun 8, 2021 By Snyk In Snyk
How does a team-centric collaboration focus change how a team maintains the security of the code? In this fireside chat, Patrick Debois, Snyk Labs Researcher, joins Anders Wallgren, Vice President of Technology Strategy at CloudBees. to explore this theme. They discuss what's new and changing with application security and what have we learned from DevOps that organizations can and should apply to DevSecOps.
View Video
idcentral

Digital Identity Update: Digital Identity Wallet to build a secure and seamless onboarding system for EU

Jun 8, 2021 By Ayesha Kapoor In IDcentral

From ordering groceries to paying taxes everything has taken a shift to digital platforms. If you are still not going digital, you are putting your survival at stake. With the spur in digitization, digital identification has become ‘fundamental’ to the everyday operation of online services, but a universally recognized and secure solution has been lacking ever since.

Read Post

I can use VS Code to hack into your development environment

Jun 8, 2021 By Snyk In Snyk
We have been witnessing an ever-growing amount of supply chain security incidents in the wild. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE. Recently, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link.
View Video
SecurityScorecard

JBS Ransomware Attack Started in March and Much Larger in Scope than Previously Identified

Jun 8, 2021 By Ryan Sherstobitoff In SecurityScorecard

SecurityScorecard also found that 1 in 5 of the world’s food processing, production, and distribution companies rated have a known vulnerability in their exposed Internet assets

Read Post
ThreatQuotient

See how to Amplify your SIEM by Integrating with the ThreatQ Platform

Jun 8, 2021 By Liz Bush In ThreatQuotient

SIEMs have been around for decades, designed to replace manual log correlation to identify suspicious network activity by normalizing alerts across multiple technology vendors. SIEMs correlate massive amounts of data from the sensor grid (your internal security solutions, mission-critical applications and IT infrastructure). As organizations are looking at ways to mine through SIEM data to find threats and breaches, they are bringing in threat intelligence feeds to help.

Read Post
sumologic

Ensure Cloud Security With These Key Metrics

Jun 8, 2021 By Mike Mackrory In Sumo Logic
Over the past decade, the way we build and deploy applications has changed dramatically. The explosion of public cloud providers enables us to deploy software without engaging in a drawn-out process to procure and set up infrastructure. Agile, DevOps, Continuous Integration, Continuous Deployment, and other changes to how we work have dramatically accelerated the speed with which we can get new applications and updates in front of our users.
Read Post
netskope

Operationalizing IP Allow Lists for Cloud Environments

Jun 8, 2021 By Jenko Hwong In Netskope

If applying IP allow lists to the cloud excites you as much Another One Bites the Dust on volume 11, read on. In this blog, I’ll discuss some considerations regarding operationalizing, automating, and increasing the efficacy of IP allow lists in your cloud infrastructure. Although this discussion will be in the context of cloud infrastructure providers such as AWS, GCP, and Azure, it should also be applicable to other cloud infrastructure and application environments.

Read Post
netskope

Cloud Threats Memo: RDP Misconfigurations and Initial Access Brokers

Jun 8, 2021 By Paolo Passeri In Netskope

A recent study by Sophos has added more fuel to the RDP fire, confirming that the exploitation of this service, when not adequately protected, remains one of the preferred techniques to compromise an organization. Not only has the exposure of RDP servers, driven by the pandemic, led to an exponential increase of brute-force attacks against this service, but it has also encouraged a flourishing market of initial access brokers.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.