Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
JavaScript type confusion: Bypassed input validation (and how to remediate)
In a previous blog post, we showed how type manipulation (or type confusion) can be used to escape template sandboxes, leading to cross-site scripting (XSS) or code injection vulnerabilities. One of the main goals for this research was to explore (in the JavaScript ecosystem) how and if it is possible to bypass some security fixes or input validations with a type confusion attack (i.e by providing an unexpected input type).
How and when to use Docker labels / OCI container annotations
Most container images are built using Dockerfiles which contain combinations of instructions like FROM, RUN, COPY, ENTRYPOINT, etc. to build the layers of an OCI-compliant image. One instruction that is used surprisingly rarely, though, is LABEL. In this post, we’ll dig into labels (“annotations” in the OCI Image Specification) what they are, some standardized uses as well as some practices you can use to enhance your container security posture.
Lookout ZTNA - Setting up an access policy for unmanaged devices
This video shows the simple steps for setting up a policy in Lookout ZTNA to prevent an unmanaged device from accessing an enterprise application.
Lookout CASB - Preventing Sensitive Data Leakage to Personal Channels in Slack
This demo shows you how Lookout prevents accidental data leakage to personal slack channels. With personal and enterprise channels often side-by-side, its easy to make this type of mistake.
Lookout CASB - Secure Collaboration and Compliant Sharing of Content in Slack
In this video you will see how Lookout can prevent an external user from being added to a private slack channel that contains sensitive data.
Lookout CASB provides enhanced visibility into activities in Slack
This video demonstrates how an administrator can filter activity logs to view activities in Slack. The video selects both a personal and enterprise slack account and applies filters.
Lookout CASB Protects Sensitive Data in Slack by Masking data and Watermarking
This video illustrates how Lookout CASB can protect sensitive data, such as a social security number, in Slack by detecting the data in chat and masking that data so that it is not shared in plain text. This video also shows how Lookout applies a watermark to sensitive content allowing addition policy actions to be applied.
Lookout Protects Against Mobile Phishing Threats
Alex Gladd, Principal Product Manager at Lookout discussed why it is important to have visibility into phishing threats and how Lookout Phishing and Content Protection can ensure your corporate data doesn't end up on the dark web.
Zero Trust? Don't Forget Your Mobile Fleet
Does your Zero Trust strategy include mobile devices? If not, it might have a zero chance of being successful. Hear how to deliver continuous authentication for mobile users connecting to corporate data. Speakers: Tomas Maldonado - CISO, NFL Ramy Houssaini - Chief Cyber & Technology Risk Officer & Group Privacy Officer, BNP Paribas
CIS Control 11: Data Recovery
Data loss can be a consequence of a variety of factors from malicious ransomware to hardware failures and even natural disasters. Regardless of the reason for data loss, we need to be able to restore our data. A data recovery plan begins with prioritizing our data, protecting it while it is being stored, and having a plan to recover data.