Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.
When an end user thinks of a modern application, they expect a user-friendly offering, one that works on any device, from any location, and that delivers constant innovation. To deliver on that expectation, under the hood there are a large number of distributed components (and micro-components) running heterogeneous workloads on hybrid environments.
You see the headlines, and perhaps, ‘thank goodness it wasn’t us’ flickers through your mind. An overly permissive web server exposes 100 million+ consumer credit applications, or an S3 bucket leaves hundreds of millions of user records open to the public. A nightmare scenario for any CISO and their cloud security team!
It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.
Are you the type of person who loves the command-line? Is tab-complete your friend? Do you move faster on a keyboard than with a mouse? Then Phantom Slash Commands are for you!
Sensu creator and Developer Advocate Todd Campbell recently wrote about using LDAP authentication for single-sign on (SSO) with Sensu Go. That post provided a great overview of Sensu authentication and included some useful LDAP troubleshooting tips. In this post, we'll focus on the Sensu LDAP implementation and explore how SSO/LDAP users are linked to RBAC "profiles" (i.e. Roles and ClusterRoles). We'll also demonstrate how Sensu supports multiple LDAP providers thanks to its groups_prefix feature.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In light of rising concerns over cloud cybersecurity, this week we explore the concept of confidential computing. The past year has seen strong adoption of cloud technologies due to accelerated digital transformation and a cloud-first approach in business.
DevOps, DevSecOps and CI/CD are synonymous with one word - automation. Automating their workflows gives developers the ability to deliver consistency, time savings, and useful insights into their software development life cycle (SDLC). But automation is only as efficient as your weakest link or most cumbersome bottleneck, which can sometimes be security testing. Security testing has traditionally been carried out either manually or quite late in the process.
After you register the domain for your website, you might take pride in owning your company’s online address. However, from a legal standpoint, you don’t own it. While you can register it, thieves can hijack it from you. Domain hijacking does not receive a lot of attention, but it is a real threat. Domain hijacking is also very frustrating, as it is relatively easy for thieves to hijack a domain, and once they get control, it can be very difficult and expensive to regain it.
You’ve undoubtedly heard the saying, “A chain is only as strong as its weakest link.” The same idea applies to your IT systems. They’re only as secure as their weakest vulnerability. No organization wants to fall victim to a cyberattack. These three ServiceNow webinars will help prepare you to boost your enterprise IT security and, ultimately, safeguard your business.
