Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
I Am Devo
In their debut LP, Q: Are We Not Men? A: We Are Devo!, the band introduces their defining theme that mankind’s evolution has reached the point—devolved to the point, actually—that we are converging on sameness… emotionless and robotic. This notion informed everything from the way Devo dressed (awesome!), to the music they wrote, to the way they performed. What does the band Devo’s theme of devolution have to do with me joining a software company of the same name?
Redscan Ethical Hacking Roundtable: key insights for 2021
Redscan’s 2021 Ethical Hacking Roundtable event explored critical vulnerabilities and other key issues facing security teams. The roundtable panel featured George Glass, Head of Threat Intelligence at Redscan, Tom Tervoort, who discovered and disclosed Zerologon, Dr Elizabeth Bruton, Curator of Technology and Engineering at the Science Museum and Dinis Cruz, CTO and CISO of Glasswall and OWASP Project Lead. Key insights from the panel included.
Coralogix - Panel Discussion: Elasticsearch is Not Open Source Anymore
Does SSPL license endanger your intellectual property? As of January 2021, Elasticsearch is no longer open source. From version 7.11 and onwards, all ELK products (Elastic, Logstash, Kibana) will be registered under the new SSPL license created by Mongo and now adopted by Elastic. In this panel, our IP expert lawyer discusses the new license and helps explain whether it impacts your business or puts it at risk.
Datadog achieves FedRAMP Moderate Impact authorization
As government agencies accelerate migrating their operations to the cloud, they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) provides the standard that these agencies—and their private-sector partners—must meet to work and manage federal data safely in the cloud.
JavaScript cybersecurity threats
JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over it, and applets that could give you your local weather forecast or tell you which web browser you’re using.
Detectify's ISO 27001 certification use case and guide for SaaS companies
A SaaS start-up can only go so far before it’s time to consider certifications and compliance standards for advancement. But let’s make it clear that at Detectify, we don’t see compliance as security. If you’re stuck in between the two right now, here’s our use case for getting ISO 27001 certification and how we made it work for Detectify, a SaaS-based web application security scale-up that has its fair share of passionate security defenders aboard!
Goodbye, 2020! Lookout, 2021
Like most people, I am not at all sad to see 2020 go. It introduced unique pressures that challenged all of us in different ways. As snykers, I believe we have emerged stronger. Throughout the year, our global team—alongside our partners and customers—reached so many impressive milestones, made that much sweeter due to the headwinds we all faced in achieving them. Ending the fiscal year, Snyk: Yes—two acquisitions.
Forward Fix: Use Case for Network Query Engine Library
Technical Solutions Architect, Kevin Kuhls demonstrates a use case for Forward Enterprise's Network Query Engine (NQE) Library. Watch as he finds all BGP neighborships that are not in the established state without tediously logging into each router or writing complex scripting. Across all vendors and locations, Forward Enterprise models all the devices and NQE allows you to grab the data you want.
Security Challenges and Opportunities of Remote Work | Kill the VPN |
The COVID-19 pandemic forced many organizations to shift to a remote workforce almost overnight, most of which were not prepared for the sudden change. In their efforts to ensure their employees could remain productive, a number of organizations relaxed their security policies and unwittingly exposed their networks to compromise. As the pandemic continues, security challenges remain, but organizations also now have opportunities to find and fix vulnerabilities and improve their overall security posture, even as their employees eventually migrate back to the office.
Who Knows When, Or If, We'll Go Back to the Office? We Must Make Good Security Moves Regardless.
The management consulting firm Korn Ferry recently surveyed professionals about what they were most looking forward to when they return to the office, and more than 20 percent of them said “nothing.” (No kidding.) Some 64 percent of respondents are cited as saying that they’re more productive at home. (Not surprised.)