As an MSSP (Managed Security Service Provider), HIPAA Vault relies on CFEngine to automate & secure their infrastructure on behalf of their customers. HIPAA Vault has been a longtime CFEngine Community user since 2012 and recently upgraded to Enterprise in order to boost their infrastructure visibility through Mission Portal and features like Compliance Reporting that help them provide a more secure & compliant cloud hosting solution.

With the new Contexts API release, developers can save their team valuable time while enhancing security practices. We know maintaining your organization’s security is crucial. There is the need to meet strict compliance guidelines, such as FedRAMP and GDPR, and what seems to be an increasing number of breaches, like the compromise of over 150,000 video security cameras as a result of a targeted Jenkins server.

Security is everyone’s responsibility. That’s it. That’s the whole point. (I may be spending too much time with Leon, but it had to be said.) If you have a security team, or even just one person who is tasked with security, it’s easy for the rest of the team or department to fall into a trap, thinking there’s nothing more you need to do. You’re wrong.

Organizations are migrating an increasing amount of their infrastructure into the cloud. The cloud provides organizations with a number of benefits like greater scalability, improved reliability and faster time to value. However, these potential benefits can be offset if security is an afterthought.

For logs and tracking insider threats, you need to start with the relevant data. In these turbulent times, IT teams leverage centralized log management solutions for making decisions. As the challenges change, the way you’re monitoring logs for insider threats needs to change too. Furloughs, workforce reductions, and business practice changes as part of the COVID stay-at-home mandates impacted IT teams.

From exposing your network vulnerabilities to becoming a passageway for intruders, open ports can pose several risk vectors that threaten your network’s confidentiality, integrity, and availability. This is why it’s a best practice to close your open ports. To tackle the risks introduced by open ports, network admins rely on port scanning tools to identify, inspect, analyze, and close open ports in their networks.

One of the major concerns when moving to the cloud is how to approach AWS S3 security. Companies may have moved their workflows to Amazon, but are still cautious about moving their data warehouse. And that is totally understandable. We have all heard about data breaches in companies like Facebook, GoDaddy, and Pocket. It’s important that access to information is done properly, in a limited and controlled fashion, to avoid such breaches.

Welcome to another monthly update on what’s new from Sysdig. Our team continues to work hard to bring great new features to all of our customers, automatically and for free! This month was mostly about compliance and a PromQL Query Explorer! Have a look below for the details. We have added a number of new compliance standards to our compliance dashboards page, making it even easier for our customers to quickly (and continuously!) check how well they’d do from an audit.

We are very excited to announce the official release of Ivanti Desktop and Server Manager Remote Control - A new Remote Control solution based on Ivanti technology! Ivanti continues to provide useful tools to support our customers in the Everywhere Workplace – especially in times where remote work is more often the norm rather than the exception.

The simplest way to ensure the safety of all the open source (OSS) components used by your teams and sites, is with a software composition analysis (SCA) tool. You need an automated and reliable way to manage and keep track of your open source usage. With JFrog Xray, you can set up vulnerability and license compliance scanning built into your software development lifecycle (SDLC).