Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

What Types of Security Capabilities Do Managed Service Providers (MSP) Offer?

Last time, I discussed the four basic types of managed service providers (MSPs) with which organizations commonly partner. Those categories help to determine the types of services offered by MSPs. In general, MSPs provide five primary services to customers.

Label standard and best practices for Kubernetes security

In this blog post, I will be talking about a label standard and best practices for Kubernetes security. This is a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that is capable of achieving your enterprise security and compliance requirements, then define your label standard in alignment with your design.

SquirrelWaffle and MirrorBlast: what organisations need to know

Defending against loader-type malware is crucial to avoid a potential ransomware incident, given that it is the foothold of the attack kill chain related to ransomware tactics, techniques and procedures (TTPs). Two of the most recent malware loaders to emerge are SquirrelWaffle and MirrorBlast. While SquirrelWaffle delivers Cobalt Strike payloads to victims, MirrorBlast uses novel techniques to gather intelligence and drop malicious payloads onto devices.

Data Loss Prevention (DLP) APIs - Intro to the Nightfall Developer Platform

The Nightfall Developer Platform is a set of APIs to classify & protect sensitive data, like PII and credentials, to prevent data leaks in your app or service. Nightfall handles the data protection infrastructure so you can focus on building great products.

Arctic Wolf: The True Cost of Alert Fatigue

Alert fatigue isn't just an inconvenience, it's a major risk to your security posture. From IT talent turnover, to wasted budget dollars, to missed incidents, constant noise may be leaving your organization unprotected and creating a false sense of security. Join our upcoming webinar series to dive into the contributing factors and solutions leaders can implement to combat the effects of alert overload.

Arctic Wolf: Cybersecurity for the Oil & Gas Industry: Identify the Threats, Prevent Attacks

Although there is likely increased scrutiny around cybersecurity in the Oil and Gas industry due to the recent ransomware attack on the Colonial Pipeline, cyber attacks are not new to your space. While many companies have continued to move towards digitalization over the years across their operational technology (OT) and industrial control systems (ICS) in order to improve productivity, remain efficient and reduce costs, attackers are doubling down on opportunities to infiltrate and wreak havoc.

Featured Post

XDR marketing is fueling the cybersecurity problem for businesses

If there is one positive we can take from the last sixteen months, it is businesses embracing a more flexible working culture for their employees. Fundamental changes to the traditional nine-to-five working day mean that many companies, in part, have already successfully transformed some of their operations to meet the demands of a new hybrid working world that is now very much the norm.

Sponsored Post

How to Automate the Handling of Suspicious User Behavior

We live in a technological society, and cyber attacks are on the rise. Much of this fraudulent activity is linked to malicious actors or gangs of cyber criminals who are trying to exploit anything they can get their hands on. By using tools like Cobalt Strike or customized alternatives, they attempt to penetrate an organization's defenses in order to gain leverage, exfiltrate PII, plant ransomware or CnC beacons, or perform other kinds of malicious acts.