Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sumologic

Building a Modern SOC

Aug 10, 2021 By Sumo Logic In Sumo Logic
It’s not every day that you get four CTOs of leading Cloud companies in a discussion about security, the changing role of the security operations center (SOC), and how best to manage data, artificial intelligence(AI), and service providers in these challenging times. To close out the 2021 Modern SOC Summit, Christian Beedgen, Sumo Logic’s CTO, hosted a discussion with Peter Silberman, CTO at Expel.io, Scott Lundgren, CTO at Carbon Black, and Todd Weber, the CTO at Optiv.
Read Post
netskope

New Phishing Attacks Exploiting OAuth Authorization Flows (Part 1)

Aug 10, 2021 By Jenko Hwong In Netskope

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. Phishing attacks are starting to evolve from the old-school faking of login pages that harvest passwords to attacks that abuse widely-used identity systems such as Microsoft Azure Active Directory or Google Identity, both of which utilize the OAuth authorization protocol for granting permissions to third-party applications using your Microsoft or Google identity.

Read Post
teleport

Achieving SOC2 Compliance for Teleport Cloud with Teleport On-Prem

Aug 10, 2021 By Travis Gary In Teleport

Teleport has been instrumental in helping our clients achieve difficult security and compliance requirements, and today we are proud to announce that our Cloud offering is now SOC2 Type II compliant. Last year our on-premises product was SOC2 Type II certified, and we published an overview on our blog helping explain what SOC2 is and why it has become table stakes for B2B SaaS companies.

Read Post
Forward Networks

You Can't Secure What You Can't See

Aug 10, 2021 By Dawn Slusher In Forward Networks

Between us — there’s no such thing as zero trust — it’s a catchy term used to describe a very complicated approach to security. But just because marketing loves the term doesn’t mean we should ignore the concept. The idea of zero trust is the assumption that users should be granted the least access possible to be productive, and that security should be verified at every level with consistent protection measures.

Read Post

Create a Custom Policy in the Veracode Platform

Aug 10, 2021 By Veracode In Veracode
In this video, you will learn how to create a custom policy in the Veracode Platform. The Veracode Platform enables you to create an application security policy against which you can evaluate and measure your applications. You can create, edit, or delete a policy. You must have the Policy Administrator role to perform policy maintenance activities. Policies can comprise one or more of the following types of requirements for your applications: rules, scan requirements, and remediation grace periods. You define the requirements while creating a new policy.
View Video

Splunk Mobile - Backend Summary (in 60s)

Aug 10, 2021 By Splunk In Splunk
Get to know the Secure Gateway Splunk app, which allows you to deploy and manage your fleet of mobile devices at scale. Plus, take a peek behind the scenes to learn how Splunk Secure Gateway facilitates communication between mobile devices and Splunk platform instances using an end-to-end encrypted cloud service called Spacebridge. Finally, get the latest on Spacebridge compliance and data privacy, since Spacebridge has now been certified to meet SOC2, Type 2 and ISO 27001 standards and is HIPAA and PCI-DSS compliant.
View Video
tripwire

Why Are Ransomware Attacks Against OT Increasing?

Aug 10, 2021 By Tripwire Guest Authors In Tripwire

Most discussions around cybersecurity understandably focus on information technology (IT). Assets like cloud services and data centers are typically what companies spend the most time and effort securing. Recently, though, operational technology (OT) has come under increasing scrutiny from leading security experts in both the private and public sectors. In June, for instance, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet about ransomware attacks on OT.

Read Post
Egress

Crime-as-a-service: How anyone can become a hacker

Aug 10, 2021 By Egress In Egress

The internet is an incredible tool for education. Unfortunately, not everyone uses it to better themselves or the world around them. There are plenty of opportunities to learn how to defraud, damage, and steal from organizations – so many in fact, that this open source of hacking knowledge is a new technology service industry in its own right: crime-as-a-service.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.