Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Just released! AT&T Cybersecurity Insights Report: 5G and the Journey to the Edge
We are certainly in unique times, with COVID driving digital transformation at an unprecedented pace, remote work appearing to be long term, and the specter of new threats looming over security professionals as they strategized how to protect a rapidly changing business and tech landscape. To use perhaps one too many cliches: it is the best of times, it is the worst of times, the times are a changin’, and a change will do you good. No really, it will.
Top tips for better security awareness on the job from Detectify Security Champions
Security is not compliance. This is something that the security champions at Detectify can agree on and each employee practices security everyday to help keep our customers and business secure. You’ve probably never met a more engaged group about security training than us at Detectify! We are passionate about our industry and maybe even gain a few new security nerds every few months as we go.
Vulnerability Management with ManageEngine Vulnerability Manager Plus
Vulnerability management is the cyclical process of identifying, evaluating, treating, and reporting on threats and vulnerabilities across your network endpoints. In this video, we take an in-depth look at the exhaustive threat and vulnerability management features of ManageEngine Vulnerability Manager Plus.
What is AMNESIA:33?
What is AMNESIA:33? Forescout Research Labs has discovered a set of thirty-three new memory-corrupting vulnerabilities, affecting millions of enterprise IoT, OT and IT devices. Lurking in four open-source TCP/IP stacks used by over 150 vendors, AMNESIA:33 can present an immediate risk to organizations worldwide. Four of the vulnerabilities are critical, with possible exploits including Remote Code Execution, Denial of Service, and Data Exfiltration.
How to identify and mitigate risk from AMNESIA:33 vulnerabilities
Amnesia:33 is a set of thirty-three new memory-corrupting vulnerabilities, affecting millions of enterprise IoT, OT and IT devices. Quickly detect and mitigate against potential threats by learning how eyeSight can be a critical part of your security playbook.
Building your modern cloud SIEM
SIEM has traditionally earned itself a bad reputation as an unwieldy and unmanageable tool that really never lived up to its promises. In my presentation during Illuminate, I talked about what Sumo Logic is doing to modernize log analytics and SIEM as a whole. Today, we see that despite how overall technology is accelerating, security always seems to lag behind. In Sumo Logic, we address this head-on.
See Netskope Prove It
7 use cases that illustrate how Netskope can see what other SWGs can’t. Let us prove it.
Tighten Up Your Strategy: Evaluating the Leakiness of a Cloud App
We at Netskope Threat Labs have published a series of blogs detailing the misconfigurations in cloud apps causing data exposure. Misconfiguration and sensitive data exposure have been listed as predominant top 10 OWASP security risks for years, and are now also the predominant cause of cloud data breaches.
What is Access Control?
Access control is a security technique that regulates who or what can view, use or access a place or other resources. It is a fundamental concept in physical security and information security designed to minimize risk. At a high level, access control is about restricting access to a resource. Any access control system, whether physical or logical, has five main components: Access control can be split into two groups designed to improve physical security or cybersecurity:
Securing Kubernetes using Egress Access Controls
A majority of existing workloads are non-Kubernetes, and for the platform teams involved, this creates challenges because the cluster will need to be securely connected to those resources. Calico Enterprise includes several features that enable fine-grained access controls between your microservices and databases, cloud services, APIs, and other applications that may be protected behind a firewall. There are different approaches to managing Kubernetes egress access, depending on your needs and where you want the control point to be