Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

How Netskope Cloud Exchange as a Managed Service Can Help Improve Your Security Posture

Starting January 1, 2023, Netskope will offer customers Cloud Exchange (CE), its industry-leading integration platform, as a managed service. This managed service will enable a much larger customer base to benefit from CE, including customers lacking in-house resources or preferring to consume CE as a managed service.

Expel's Jon Hencinski: How to reduce risk through better security strategy

In this episode of The Future of Security Operations podcast, Thomas speaks with Jon Hencinski, Vice President of SecOps at Expel, a company with "a mission to make security easy to understand, easy to use, and easy to continuously improve." Jon is passionate about getting to the root cause of security issues and using strategy to help organizations eliminate problems.

Remote Development with Visual Studio Code and Teleport

In this video, we'll look at how to use Visual Studio Code's Remote SSH extension alongside Teleport. This extension allows users to open any file or folder on a remote machine using SSH, along with the ability to utilize VS Code's full feature set. We'll use Teleport to generate an OpenSSH config, granting secure, short-lived access to its managed servers via this extension.

SANS 2022 Multicloud Survey: Exploring the World of Multicloud

SANS research has shown that more organizations are using multiple cloud providers. Multicloud adoption can be driven by a variety of factors, such as competitive differentiation, mergers and acquisitions, and more. This event explores various results from the SANS 2022 Multicloud Survey, including multicloud adoption trends, how adoption decisions are made, and—most importantly—what cybersecurity teams are doing to cope with the onslaught of challenges brought about by so much change, complexity, and variation in the cloud services marketplace.

Elastic + Tidal making MITRE ATT&CK easier

Security vendors seem to have a complicated relationship with the MITRE ATT&CK(™) matrix. With one hand, they hold it high as a powerful resource, and with the other, they criticize some aspect of it. But regardless of your viewpoint on any given day, ATT&CK is one of the most important resources for improving your understanding of threat capabilities and aligning those to technical controls, countermeasures, or mitigations.

Using LDAP Ping to Enumerate Active Directory Users

LDAP Nom Nom is a recently discovered brute-force technique for enumerating valid usernames in Active Directory — anonymously and without leaving any log entries behind. It abuses LDAP Ping, a little-known mechanism in Active Directory normally used by computers to check whether a domain controller is alive. This blog post explains how LDAP Ping works and how adversaries can abuse it with LDAP Nom Nom.

Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)

SnakeYaml is a well-known YAML 1.1 parser and emitter for Java. Recently, a vulnerability — CVE-2022-1471 — was reported for this package. This vulnerability can lead to arbitrary code execution. The org.yaml:snakeyaml package is widely used in the Java ecosystem, in part because it is packaged by default with Spring Boot in the spring-boot-starter.