Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
What Does PCI DSS 4.0 Mean for Client-Side Security?
PCI DSS 4.0 couldn’t have come at a more opportune time, particularly as the global pandemic forces more individuals into online purchasing—from shopping and entertainment to healthcare and hospitality. With PCI 4.0 compliance mandated by 2025, it is critical to understand now what it will mean for client-side security, so businesses can begin the implementation process.
How to use Atomic Red Team to test Falco rules in K8s
The best way to know if something works is to try it out. Ensuring that your security products are actually working is a fundamental task of routine maintenance. This is why it is so useful to use tools like Atomic Red Team that generate suspicious events based on ATT&CK techniques and see how Falco triggers alerts. In this blog, we will cover how to install and run the Atomic Red Team environment on a Kubernetes system for testing Falco rules.
The Right Foundational Technology Makes a "Hybrid Flexible" Workplace Possible
Two years ago, the world shut down. We all lived through the start of the pandemic, when the world’s white-collar workforce was sent home en masse. Remote work became the only option for employees in many positions across many companies. This working environment was isolating, and staff required entirely new workflows just to keep business processes functional—but we survived it.
What Does Defense-in-depth Mean and How Does it Bring Infrastructure and Data Security Together?
With the rise of ransomware and cyber attacks, the term defense-in-depth has risen to the forefront, but what exactly does it mean? At its core, defense-in-depth is a protection mechanism for network security–an approach that involves layering or using multiple controls in series to protect against possible threats. This layered concept provides multiple redundancies in the event systems and data are compromised.
Understanding your deployment options: Cloud, self-hosted, and the Tines Tunnel
One of the biggest decisions a rapidly evolving organization has to make when it comes to its IT infrastructure is whether to move to the cloud. At Tines, we love the cloud but understand that different security systems and environments require different deployment options. Some organizations need extra guardrails in place to access and manage their systems and data.
Company Celebration -- WhiteSource is now Mend
CEO & co-founder Rami Sass speaks at the company celebration of the rebrand from WhiteSource Software, to Mend.
Identifying and Avoiding Malicious Packages
Securing your software supply chain is absolutely critical as attackers are getting more sophisticated in their ability to infect software at all stages of the development lifecycle. This webinar will be a technical showcase of the different types of malicious packages that are prevalent today in the PyPI (Python) and npm (Node.js) package repositories. All examples shown in the webinar will be based on real data and malicious packages that were identified and disclosed by the JFrog security research team.
Configuring Application Hooks Within CloudCasa Demo
Learn how to set up application hooks to quiesce a Kubernetes database to get an application-consistent snapshot before doing a Kubernetes backup. Application hooks are pre- and post-scripts that can be invoked within a pod on your Kubernetes cluster for application-consistent backup and restore.
Real world use cases for NDR in the Cloud
As we’ve learned from events like Sunburst and Log4Shell, network telemetry provides essential evidence for catching threats that other tools miss. Watch Senior Director of Product - Cloud Security - Vijit Nair dive into real world use cases from the research team at Corelight -- the creators and maintainers of Zeek. You'll learn how the collection and analysis of cloud network traffic leads to better threat detection and faster response.
Top 10 CI/CD Automation Tools
Software teams have focused on agility since the world embraced Mark Zuckerberg’s motto to “move fast and break things.” But many still lack the confidence or tooling to accelerate their processes. What’s more: in the race to release more, ship faster, and prioritize speed, many have neglected thoughtfulness and security – with Facebook itself becoming the poster child of data misuse.