When we discuss cybersecurity and the threat of cyber attacks, many may conjure up the image of skillful hackers launching their attacks by way of undiscovered vulnerabilities or using cutting-edge technology. While this may be the case for some attacks, more often than not, vulnerabilities are revealed as a result of careless configuration and inattention to detail. Doors are left open and provide opportunities for attacks.

Welcome back to the incredible and majestic Pandora FMS blog. In today’s post, we are going to deal with an event belonging to the month of October, that depressing month in which we become aware of fall, it is colder and someone keeps cutting short our daylight hours. If April is the month of flowers and November the month of the male mustache for testicular cancer, October is the Cybersecurity Awareness Month.

From the basic to advanced concepts of AWS own service for identity and access management: users, groups, permissions for resources and much more. For seriously working with AWS, there’s no way around its Identity and Access Management (IAM) service. Skipping to understand its core principles will bite you again and again in the future️. Take the time to do a deep dive, so you won’t be frustrated later.

When it comes to risk management in banks, cloud-based computing offers significant advantages. On the other hand, risk managers will have a tough time making the switch from on-premises to the cloud.

Since we launched Puppet Comply last year, we’ve been working hard to build out the solution’s capabilities so that we can provide our customers with more options in implementing a continuous compliance program, and become more proactive and efficient in how they manage compliance. A key activity in any strong continuous compliance program is remediation.

Amazon EKS Anywhere is an official Kubernetes distribution from AWS. It’s a new deployment option for Amazon EKS that allows the creation and operation of on-premises Kubernetes clusters on your existing infrastructure.

JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in Yamale, a popular schema validator for YAML that’s used by over 200 repositories. The issue has been assigned to CVE-2021-38305.

We live in a world of increasingly connected devices – phones, digital assistants, smart watches, cars, thermostats, refrigerators, windmills, and more. More than 50% of the world’s population is now online and two-thirds own a mobile device, according to the World Economic Forum. Additionally, the codebase of today’s applications typically consists mainly of open source components – exposing them to greater risk of hacking than ever before.