Ransomware is on everyone’s minds these days, with attacks against small businesses, hospitals, and local governments increasingly in the headlines. Managed IT service providers are experiencing a dramatic increase in attempted cyberattacks.

Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.

When it comes to application security testing, choosing the tool best suited for the job is critical. There are so many various tools on the market that determining which one is best for your needs may be difficult. In this article, we will discuss 10 of the best testing tools and outline the features you should look for when making your decision.

Last year, we launched functionality for users to add policy for reporting data, compliance reports, promise types, and other code as modules. With CFEngine Build, users can manage and update their own policy, the default policy and any additional modules separately. This makes it very easy to utilize policy or other modules written by the CFEngine team, or other community members. In this post we will take a look at using some modules to improve the security of our infrastructure.

Dirty Pipe vulnerability is a Linux kernel vulnerability that allows the ability of non-privileged users to overwrite read-only files. The vulnerability is due to an uninitialized “pipe_buffer.flags” variable, which overwrites any file contents in the page cache even if the file is not permitted to be written, immutable, or on a read-only mount, including CD-ROM mounts. The page cache is always writable by the kernel and writing to a pipe never checks any permissions.

Many companies are looking to find a source of threat intelligence that can give them better visibility into the risks unique to their technology stack. While some may not be using threat intelligence, others may not be getting the value they could. Choosing and integrating threat intelligence sources into your cybersecurity monitoring is challenging, but you do need to keep some considerations in mind during the process.

Securing your SAP environments is critical to the operational success of your business. And SAP does a great job of trying to stay ahead of any vulnerabilities in their solutions by offering HotNews. As critical vulnerabilities are discovered, SAP weights their critical quality, declaring a level of severity and attributing a score - 10 being the most critical - along with a description and resolution of the patch.

By now, you’ve probably read loads of articles that discuss the COVID-19 pandemic’s impact on business, politics, the economy and much more.But what about SecOps? What permanent effects has COVID wrought on the way businesses secure IT assets? Let’s explore those questions by examining three key security trends that promise to endure long after the pandemic has finally receded.