Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Introducing the Splunk for CMMC Solution

Feb 19, 2020 By Michael Sondag In Splunk

On January 31st, 2020, the Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD A&S) published V1.0 of the Cybersecurity Maturity Model Certification (CMMC). The CMMC builds on DFARS both in terms of required practices and by establishing “trust, but verify” relationships with DoD contractors.

Read Post

Splunk

Read more about Introducing the Splunk for CMMC Solution

Is your business PCI DSS compliant?

Feb 17, 2020 By ADAudit Plus In ManageEngine

How Chooseus Life Insurance lost its customers’ cardholder details and their trust In August 2019, reporters began flocking to Chooseus Life Insurance’s head office in Detroit after news leaked that thousands of the company’s customers had lost money due to a security breach. The CEO of this life insurance company released the following statement: “We have had your trust for two years.

Read Post

ManageEngine

Read more about Is your business PCI DSS compliant?

How to Quickly Identify Suspicious Network Behavior With Intuitive Dashboards in SolarWinds SEM

Feb 17, 2020 By SolarWinds In SolarWinds

Log and event data are a boundless and valuable resource for identifying suspicious network activity and stopping potential breaches. However, analyzing lines and lines of text-based data can make this resource more trouble than it's worth. In this video, we'll explore the different ways you can customize log data in an easy-to-understand and visual dashboard in Security Event Manager to help turn it into something you can act on.

View Video

SolarWinds

Read more about How to Quickly Identify Suspicious Network Behavior With Intuitive Dashboards in SolarWinds SEM

Cyber Security Mega Breaches: Best Practices & Log Management

Feb 14, 2020 By Nick Carstensen In Graylog

While the Capital One breach may have been jaw-dropping in its sheer scale, there are best practice lessons to be learned in its remediation response, says Nick Carstensen, technical product evangelist at Graylog.

Read Post

Graylog

Read more about Cyber Security Mega Breaches: Best Practices & Log Management

11 Different Types of Spoofing Attacks to Be Aware Of

Feb 14, 2020 By David Balaban in Guest Posts In WebSitePulse

In terms of cyber-attack vectors, spoofing is exactly what it sounds like. This term embraces a series of techniques aimed at masquerading an attacker or electronic device as someone or something else to gain the victim’s confidence. Whether it is used to deceive a user or to manipulate a computer system, this multi-pronged phenomenon is often at the core of social engineering hoaxes in general and phishing campaigns in particular.

Read Post

WebSitePulse

Read more about 11 Different Types of Spoofing Attacks to Be Aware Of

Developer demo: Using cf-keycrypt to encrypt host-specific secrets

Feb 13, 2020 By CFEngine In CFEngine

A preview of cf-keycrypt, a new utility coming in CFEngine 3.16.

View Video

CFEngine

Read more about Developer demo: Using cf-keycrypt to encrypt host-specific secrets

Key security functions of unified endpoint management

Feb 13, 2020 By Desktop Central In ManageEngine

As part of digital transformation, the adoption of a wide range of devices for work is on the rise. A unified endpoint management (UEM) solution is capable of enforcing management policies and configurations, as well as securing endpoints. In a previous blog, we reviewed the capabilities of a good UEM solution. In this instalment, we look at UEM security features.

Read Post

ManageEngine

Read more about Key security functions of unified endpoint management

Playing defense against Gamaredon Group

Feb 13, 2020 By Daniel Stepanic In Elastic

For several months, the Intelligence & Analytics team at Elastic Security has tracked an ongoing adversary campaign appearing to target Ukranian government officials. Based on our monitoring, we believe Gamaredon Group, a suspected Russia-based threat group, is behind this campaign. Our observations suggest a significant overlap between tactics, techniques, and procedures (TTPs) included within this campaign and public reporting.

Read Post

Elastic

Read more about Playing defense against Gamaredon Group

Modernizing the CFEngine Project - Vratislav Podzimek & Ole Herman S. Elgesem (Cfgmgmtcamp 2020)

Feb 12, 2020 By CFEngine In CFEngine

Our talk about CI, Travis, Jenkins, GitHub CodeQL, AddressSanitizer, valgrind, codecov, git submodules, and more.

View Video

CFEngine

Read more about Modernizing the CFEngine Project - Vratislav Podzimek & Ole Herman S. Elgesem (Cfgmgmtcamp 2020)

Supercharging Workload Security in Your K8s Cluster

Feb 12, 2020 By Vaibhav Thakur In Tigera

2019 was a big year for Kubernetes adoption, and 2020 is sure to exceed that pace. Already, we have seen a large number of organizations migrating their workloads to Kubernetes (k8s) both in public and private clouds as they embrace a hybrid cloud strategy. With so much at stake, what are you currently using for network security inside your k8s cluster?

Read Post