Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

opsdemon

Latest posts

User Interface Release - Beta 6.0

We are proud to announce the release of beta user interface 6.0 which will has been rolled out for general availability to all Spambrella partners/customers. All users can now try out the beta version of our new user interface experience by clicking ‘Preview Version 6.0 (BETA)’ located below the search bar on the upper right side of the existing user interface.

Endpoint Security Analytics with Sumo Logic and Carbon Black

As the threat landscape continues to expand, having end-to-end visibility across your modern application stack and cloud infrastructures is crucial. Customers cannot afford to have blind spots in their environment and that includes data being ingested from third-party tools.

Shifting Left Is a Lie... Sort of

It would be hard to be involved in technology in any way and not see the dramatic upward trend in DevOps adoption. In their January 2019 publication “Five Key Trends To Benchmark DevOps Progress,” Forrester research found that 56 percent of firms were ‘implementing, implemented or expanding’ DevOps. Further, 51 percent of adopters have embraced DevOps for either all new or all applications. Clearly, DevOps adoption is here and growing.

Mapping TrickBot and RevengeRAT with MITRE ATT&CK and AlienVault USM Anywhere

MITRE ATT&CK™ (Adversarial Tactics, Techniques and Common Knowledge) is a framework for understanding attackers’ behaviors and actions. We are pleased to announce that AlienVault USM Anywhere and Open Threat Exchange (OTX) now include MITRE ATT&CK™ information. By mapping alarms to their corresponding ATT&CK techniques, we are assisting in prioritizing analysis work by understanding the context and scope of an attack.

Announcing Sysdig Secure 2.3: NIST + PCI image compliance checks, Kubernetes and Docker remediation tips, and more!

Today we are very excited to announce our latest release — Sysdig Secure 2.3! In this version of Sysdig Secure, we have invested heavily in hardening the compliance posture of Kubernetes, Docker configurations, and container images. We have released a set of features that provide compliance focused image scanning, guided remediation, compliance dashboards, and more.

Why Can't I Protect Client Side?

From time-to-time we are asked “does our Encoder product protect JavaScript and HTML?” While our ionCube PHP Encoder product with its unique features such as Dynamic and External Keys do a wonderful job protecting the PHP code on your server, the same server protected code at the client side will still present all of the HTML, CSS and JavaScript when viewing the source in the browser.

Why Is Penetration Testing Critical to the Security of the Organization?

A complete security program involves many different facets working together to defend against digital threats. To create such a program, many organizations spend much of their resources on building up their defenses by investing in their security configuration management (SCM), file integrity monitoring (FIM), vulnerability management (VM) and log management capabilities. These investments make sense, as the resources listed above can all help protect the organization.