Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
What Is Identity Lifecycle Management?
If you help to manage cloud environments, you’re probably familiar with the concept of identity lifecycle management. Identity lifecycle management helps you keep track of who is allowed to do what within your cloud. But merely understanding identity lifecycle management isn’t enough to administer modern cloud identities effectively. You also need a way to automate identity lifecycle management at massive scale.
Newly Proposed Rules from the SEC Mean New Requirements for the Financial Industry and Public
On March 9, the US Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. SEC Chair Gary Gensler highlighted in the press release that “Over the years, our disclosure regime has evolved to reflect evolving risks and investor needs. Today, cybersecurity is an emerging risk with which public issuers increasingly must contend.
Teleport 9 Webinar - Machine ID
0:00 Teleport 9
9:57 Demo: MachineID
26:20 Demo: Accessing Redis using Teleport Database Access
https://goteleport.com/blog/machine-to-machine-access/
https://goteleport.com/docs/database-access/guides/redis/
Streamline KYC Onboarding Workflow with Kroll's Business Connect Platform
Introducing Kroll Business Connect for compliance professionals, a centralized, cloud-based platform designed to streamline know your customer (KYC) onboarding workflow – including file sharing, communications and tasks – in real-time with all stakeholders using one single platform. Compliance teams in any industry can tailor our proprietary platform to their specific needs. Business Connect easily integrates with any compliance software or CRM system.
Don't Just Ensure Cybersecurity Asset Compliance - Prove It
With cybersecurity asset compliance, it’s not enough to ensure your systems and processes are operating in accordance with security frameworks and regulations. Unless you can prove compliance, you’re still subject to failed audits and penalties. When you automate cybersecurity device assessment and policy enforcement with Forescout, passing compliance audits becomes a byproduct of security operations.
Just Because You Don't Use Log4j or Spring Beans Doesn't Mean Your Application is Unaffected
By now, you’re probably all aware of the recent Log4j and Spring Framework vulnerabilities. As a recap, the Log4j vulnerability – made public on December 10, 2021 – was the result of an exploitable logging feature that, if successfully exploited, could allow attackers to perform an RCE (Remote Code Execution) and compromise the affected server.
CIS Control 16 Application Software Security
The way in which we interact with applications has changed dramatically over years. Enterprises use applications in day-to-day operations to manage their most sensitive data and control access to system resources. Instead of traversing a labyrinth of networks and systems, attackers today see an opening to turn an organizations applications against it to bypass network security controls and compromise sensitive data.
The Upsurge in Ransomware Attacks in Australia and Opportunities to Protect Data
There are rare occasions when you open the news and don't find anything about cybersecurity in the headlines. According to the Australian Cyber Security Centre (ACSC), Australia has dealt with a cyberattack every 8 minutes in the financial year 2020-21, with over 67,500 cases of cybercrime registered in the same year. Studies indicate that ransomware is one of the most frequent and damaging types of malware leveraged by cybercriminals.
Kubernetes Version 1.24: Everything You Should Know
The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes. We’ve written this post so you can adjust your Kubernetes resources, update infrastructure, and smoothly migrate to the new version. We’ve also grouped the changes with their respective Special Interest Groups (SIGs), so that you can focus on the interrelated topics at once.
A CISO's Guide for Measuring your Security
Measuring risk is key to business continuity. A growing attack surface will present many businesses with challenges of how to manage their enterprise assets and maintain a robust cyber security posture. An expanding remote workforce, increasing levels of data and the continuous rollout of evolutionary solutions can all present hackers with potential entry points to exploit if security measures are not in place.