Web security for online businesses is an area not very well understood by many. The influx of content management systems has led to a lot of online presence that is basically confused about how online security works. Some of the people who use these CMSs do not know what web security is and how to implement it.
Open source has come a long way. Open source components are the building blocks of arguably every organization’s software. According to Stack Overflow’s 2018 developer survey results, nearly half of professional developers contribute to open source projects, and 40% listed contribution to open source software as part of their non-formal learning background.
Today we are happy to announce the general availability of CFEngine 3.12.0 LTS beta. The release of 3.12.0 beta took longer than expected. As a result, we have decided to adjust our release schedule: we are releasing 3.12.0 beta now, and later this year 3.12.0 will be the next official LTS release.
Helping to protect IT environments from cyber attacks and comply with tightening compliance standards, SIEM systems are becoming the cornerstone for security paradigms implemented by a growing number of organizations.
WordPress may power the majority of the internet, but Joomla! is the second most popular CMS on the planet, representing 6.1% of all known CMS websites. So we felt it was important to integrate it directly into our external website security and vulnerability scanner. Sitting alongside special checks for WordPress, Drupal and SilverStripe websites, we scan potential issues with the core version of Joomla! and any plugins installed.
Organizations both small and large that deal with personal data must be compliant with GDPR rules. At Coralogix, we’ve been working hard to be prepared for GDPR. Preparing your data for GDPR can be a daunting task, so we thought we’d shed some light on the issue.
The rather broad definition of personal data in the GDPR requires paying special attention to log data. GDPR and personal data in web server logs is a popular topic in many GDPR fora. For example, IP addresses or cookies might be considered personal data. Consequently, such data must be stored only with the consent of customers for a limited time. It is highly recommended to anonymize personal data before you hand over the logs to any 3rd party to minimize risk.
In my last post, I gave a high-level overview of how to select a threat intelligence vendor and how to integrate indicators of compromise (IOCs) into your SIEM or log management environment. In this post, I will describe in detail how to use the Threat Intelligence plugin that ships with Graylog. I’ll start with the steps necessary to prepare your data, then explain how to activate the feature and how to configure it for use.
Just as news hits of two highly critical security vulnerabilities in Drupal – a popular open source CMS that powers 4.2% of known CMS websites – we have expanded our external Vulnerability Scanner yet again with Drupal specific security checks. We now offer peace of mind for anyone with a WordPress, Joomla!, SilverStripe or Drupal site, as well as checks for thousands of known software and configuration vulnerabilities for all major software products and operating systems.