Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
The CEO's Guide to Penetration Testing
CEOs, when it comes to your organization's security posture, you can never be too aggressive. And while there are many different security technologies and practices you can implement, penetration testing should be high on your list. Here's why penetration testing should be your favorite security tool.
NeoSystems & Deltek Join Forces to Deliver Services in the Cloud
RESTON, Va., July 12, 2022 – NeoSystems, a full-service strategic outsourcer, IT systems integrator and managed services provider to the government contracting market, is once again joining forces with Deltek, the leading global provider of software and solutions for project-based businesses.
ManageEngine: Authentication is the first step to Zero Trust
Are you evaluating the right identities in your Zero Trust approach? A Zero Trust network architecture (ZTNA), with its around-the-clock vigilance, monitoring, and auditing of user accounts, is widely seen as a viable option to guard a post-COVID hybird workplace. But an important question remains unanswered: is your ZTNA securing the right user accounts?
Tigera: Container security basics (part 2) - Using Calico for vulnerability management
In this container security series, you will further learn how Calico Cloud's image assurance capabilities reduce the attack surface by identifying vulnerabilities and misconfigurations and automatically blocking the use of vulnerable images with an admission controller. In addition, we will review how to specify exceptions to allow the use of images with vulnerabilities, visualize the security risk posed by these vulnerabilities at runtime, and author security policies to mitigate the risks.
Tigera: How to secure traffic leaving your Kubernetes Cluster with Zero-trust Workload Access Controls?
Kubernetes workloads are dynamic, distributed, and ephemeral and do not have fixed network addresses. Traditional methods such as network firewalls, which rely on fixed network addresses, are insufficient to specify access controls at a granular pod level. Calico provides granular zero-trust workload access controls to control the flow of data between individual pods in Kubernetes clusters and external resources including databases, internal applications, 3rd-party cloud APIs, and SaaS applications.
Tigera: Microsoft Azure: Hands-on AKS workshop: Implementing Zero-Trust Security for Containers
In this AKS-focused workshop, you will work with a Calico and Microsoft Azure expert to learn how to implement Zero-Trust security for workloads running on AKS. This 90-minute hands-on lab comes with your own Calico Cloud environment.
Forescout: OT:ICEFALL - How to Tackle a Decade of Insecure-by-Design Practices in OT
Forescout's Vedere Labs announced on June 21 the disclosure of "OT:ICEFALL": 56 vulnerabilities related to insecure-by-design functions affecting devices from 10 major operational technology (OT) manufacturers. Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of OT devices, bypass authentication, compromise credentials, cause denials of service or have a variety of operational impacts.
5 Common blind spots that make you vulnerable to supply chain attacks
Over the past several years, hackers have gone from targeting only companies to also targeting their supply chain. One area of particular vulnerability is company software supply chains, which are becoming an increasingly common method of gaining access to valuable business information. A study by Gartner predicted that by 2025, 45% of companies will have experienced a supply chain attack.