Recently, Leon kicked this sharing process off sharing what he has seen in the support queue. I read it, applaud it, and have more tips to share. As Leon mentioned, and you may have seen the banner on THWACK and other notifications regarding this, the digital signing certificate is being revoked on March 8, 2021. This means if you haven’t upgraded to get the new certificate before then, you’re probably going to run into issues running your Orion module(s) installation.

Microsoft Azure provides a suite of cloud computing services that allow organizations across every industry to deploy, manage, and monitor full-scale web applications. As you expand your Azure-based applications, securing the full scope of your cloud resources becomes an increasingly complex task. Azure platform logs record the who, what, when, and where of all user-performed and service account activity within your Azure environment.

Insider threats are becoming a growing concern across different industries. Most coverage goes to outside attacks, especially when it comes to big corporations and government agencies. However, internal security is something organizations need to take very seriously to avoid irreparable damages. Not many enterprises can afford internal threat detection programs. However, they can definitely adopt proactive measures to avoid them, especially when it comes to sensitive systems and data.

As you might imagine, it’s a bit of a busy time here at SolarWinds HQ. There is A LOT going on, not the least of which is encouraging our customers to upgrade before March 8. (Why March 8? Keep reading and I’ll explain in a moment.) First, I want to emphasize the important part of that sentence: “encouraging our customers to upgrade before March 8.”

The SolarWinds exploits have been widely reported, fully covered, and basically as we would say in Aussie – Done to Death Mate. But some of the info got me thinking, especially this article from my buddies at Microsoft which gives some great background and flows for that how the attacks were actually working. I’ve been working with Ivanti Application Control – formerly AppSense Application Manager for over 17 years.

Passwords are dying. The cost of creating and maintaining passwords is becoming untenable. Which can be seen in the rise of users logging in with social products and developers outsourcing their pain to Auth0 and the likes. We decided to sidestep the password based authentication and went passwordless on our new product. Read on to see how you can go passwordless too.

You must secure your software supply chain. Now, more than ever, it is vital. For a long time, a primary concern in security was malicious actors exploiting inherent weaknesses in software. Privilege escalations, SQL injections, race conditions etc. These are, of course, still a concern and should be afforded the attention that they deserve. But now, there is another worry, one that is arguably even more important – A Supply Chain Attack.

We’re all familiar with the internet, especially since we use it to do almost all of our daily activities. Since the days of that familiar buzzing noise of AOL dial-up as it connected to somewhere out there in the stratosphere, we’ve been hooked on the internet and its vast space that holds endless amounts of information, ready for us to tap into right at our fingertips.

ESG research on cyber risk management, which involved 340 cybersecurity professionals, revealed that 40 percent felt tracking patch and vulnerability management over time was their biggest challenge.