BSides312 2024: Insights and Innovations in Cybersecurity
The first-ever BSides312 brought together security pros in Chicago, featuring insights on risk quantification, incident response, and innovative training for seniors.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Learning from cloud transformation as we move to AI
Development teams of all sizes are embracing the excitement and possibility of using AI tools to build software. Coding assistants like Google Gemini and Github Copilot have the potential to accelerate development like never before, and developers are adopting these tools — whether or not leadership has officially approved them. As your team considers the best ways to adopt this new technology, this transition might feel like déjà vu.
Kubernetes Security Fundamentals: API Security - Part 2
In this video we’ll continue our look at the details of how Kubernetes secures the various APIs it uses, looking at the main Kubernetes API server. For more information, please see our security labs blog Kubernetes security fundamentals: API Security.
Harden workloads with zero disruption
Securing Kubernetes environments is a continuous task, but the journey is fraught with challenges, particularly when addressing misconfigurations. This blog post explores the nuances of securing Kubernetes without disrupting applications, exploring the challenges, and proposing strategies for effective resolution.
Lessons Learned About Secrets Protection After the Sisense Breach
Sisense is a popular monitoring tool that enables users to monitor business metrics from multiple third-party sources in a single dashboard. On April 10, the company informed customers that the sensitive information they entrusted with Sisense may have been compromised and urged them to reset their password and rotate their secrets. According to KrebsOnSecurity, the attackers were allegedly able to access GitLab repositories hosted by Sisense, where hard-coded secrets may have been found.
TruffleHog vs. Gitleaks: A Detailed Comparison of Secret Scanning Tools
TruffleHog and Gitleaks are popular secrets scanning tools that can automatically surface hardcoded secrets such as API keys, passwords, and tokens. They can both be integrated into the Software Development Lifecycle (SDLC) to proactively scan repositories to identify and rectify potential issues before they can be exploited. The need for effective secret detection tools underscores a broader shift toward more secure software development practices.
Remote Work Security: Trusting Employees and Protecting Data
With the rise of remote work, ensuring that employees are actually working from secure locations is more crucial than ever. This clip discusses the trust issues and risks associated with employees working from unapproved locations, highlighting the need for robust IT asset management and security protocols to protect sensitive data.
Understanding the Difference Between BDRSuite and BDRCloud
When it comes to backup and disaster recovery, Vembu offers two robust solutions: BDRSuite and BDRCloud. While both are designed to deliver comprehensive protection for your data, they cater for different deployment preferences. BDRSuite and BDRCloud are cost-effective and comprehensive backup and disaster recovery solution offering.
Windows 11 Boosts Security: NTLM Out, Kerberos In
Microsoft’s initiative to phase out NTLM authentication in favor of the more secure Kerberos protocol was originally announced back in October 2023. At that time, the Windows maker declared its intention to deprecate NTLM and encourage organizations to transition to Kerberos for authentication purposes across its ecosystem. Microsoft announced this week that later this year they are expecting to retire NTLM authentication in Windows 11.