Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

servicenow

3 ways to improve your enterprise IT security

Jun 11, 2021 By ServiceNow Blog In ServiceNow

You’ve undoubtedly heard the saying, “A chain is only as strong as its weakest link.” The same idea applies to your IT systems. They’re only as secure as their weakest vulnerability. No organization wants to fall victim to a cyberattack. These three ServiceNow webinars will help prepare you to boost your enterprise IT security and, ultimately, safeguard your business.

Read Post

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

Jun 11, 2021 By Tigera In Tigera
Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.
View Video

Building secure and observable Kubernetes platforms for scaled software delivery

Jun 11, 2021 By Tigera In Tigera
"Companies of various sizes are building their applications on Kubernetes because it provides significant operational benefits like autoscaling, self-healing, extensibility, and declarative deployment style. However, the operational benefits are only a starting point down the path of building a secure and observable platform that enables the continuous delivery of application workloads. This session shows how to build a fully operational platform, leveraging platform-oriented building blocks to address network security and observability.
View Video

Exploring intrusion detection techniques in cloud native environments - Garwood Pang, Tigera

Jun 11, 2021 By Tigera In Tigera
As more production workloads migrated to the cloud, the need for Intrusion Detection Systems(IDS) grew to meet compliance and security needs. With the number of workloads in each cluster, IDS needs to be efficient to not take up the shared resources. Techniques such as packet inspection and web application firewalls provide a solid defense against threats and by leveraging the cluster's network control pane, we are able to selectively choose vulnerable workloads and provide an easy way to trace back to the origin of the attack.
View Video

Service Mesh, Observability and Beyond - Sheetal Joshi, AWS

Jun 11, 2021 By Tigera In Tigera
Congratulations! You’re now cloud-native with microservices. No more legacy monoliths. However, troubleshooting takes time, debugging is difficult, and security is scary. How can you scale your organization without losing an understanding of your environment? Services mesh is here to help! It gives you the observability of connected services and is easier to adopt than you might think. Come and learn service mesh concepts, best practices, and key challenges.
View Video

Kubernetes Observability & Troubleshooting: Best Practices - Raj Singh, Box

Jun 11, 2021 By Tigera In Tigera
Early adoption of Kubernetes came with its set of challenges for Box, that led to innovative solutions & learnings. In this session, the speaker will take you through some of those solutions around Kubernetes Observability & best practices which will make your Kubernetes journey easier.
View Video

Calico/VPP : Unlocking performance & innovation for large scale Kubernetes clusters

Jun 11, 2021 By Tigera In Tigera
Calico/VPP data plane renderer was introduced as Tech Preview in Calico 3.19 for Kubernetes. It leverages the FD.io/VPP userspace data plane which brings great benefits in terms of performance and flexibility for large-scale Kubernetes clusters. Thanks to its fast IPSec & Wireguard implementation, it makes it possible to provide intra-cluster full mesh crypto without compromising performance. Beyond performance, it implements differentiated features like MagLev based load balancing with DSR for k8s services making it a good choice for large-scale applications having strong high availability requirements. This is the first release but moving forward, it will provide support for superfast packet-oriented virtual interfaces as well TCP/UDP/Quic stack to applications having extreme networking performance.
View Video
ivanti

Wall Street Journal Predicts Dire Cybersecurity Days Ahead, Endorses Zero Trust

Jun 10, 2021 By Matt Kane In Ivanti

Let’s be honest for a second. This is a corporate blog. Yes, we aim to provide our readers with actionable, educational information. And, yes, we strive for complete transparency. But, at the end of the day, we understand if you’re skeptical of some of what’s written here. We’re a business, not a news publication, and it’s impossible for us to be completely unbiased all the time.

Read Post
splunk

Detecting Password Spraying Attacks: Threat Research Release May 2021

Jun 10, 2021 By Splunk Threat Research Team In Splunk

The Splunk Threat Research team recently developed a new analytic story to help security operations center (SOC) analysts detect adversaries executing password spraying attacks against Active Directory environments. In this blog, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PurpleSharp, collect and analyze the Windows event logs, and highlight a few detections from the May 2021 releases.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.