Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Security vulnerability uncovered and patched in the golang.org/x/crypto /ssh package

Platform.sh teams are always striving to ensure a safe space for all developers within our product. And this consistent diligence led to the Platform.sh Engineering team discovering a security vulnerability in the golang.org/x/crypto/ssh package on 5 September 2024. Upon investigating an unexpected Panic: runtime error: invalid memory address or nil pointer dereference message in our edge proxy, the engineers discovered a misimplementation of the PublicKeyCallback function.

Feature Friday #40: What would CFEngine do?

CFEngine works by defining a desired state for a given context and converging towards that goal. Given there is no fixed starting point and that the current context might change wildly it can be challenging to succinctly answer the question “What would CFEngine do?”. In Feature Friday: Don’t fix, just warn we saw how an individual promise could be made to warn instead of trying to automatically converge towards the desired state, a granular --dry-run mode.

Proactive Protection with Exposure Management

Every organization faces risk. What separates the vulnerable from the well-protected isn’t whether you have exposure — it’s how you manage it. Gaining visibility over your organization’s attack surface lets you prioritize which threats you address based on the degree of risk they pose. That’s when you can put together an exposure management strategy that empowers you to gauge your vulnerabilities and maintain the security posture appropriate to your business.

Passwordless Authentication: Its Role in IT Service Management and Observability

Efficiency and security are critical to observability and IT service management (ITSM) in the digital era. Passwordless authentication is revolutionizing how businesses carry out these crucial functions by providing a seamless yet incredibly safe approach to access management. The integration of these technologies is essential for enhancing cybersecurity and streamlining processes in increasingly complex IT systems.

How to Identify GDPR Compliance Gaps to Protect Your Business

With the introduction of the General Data Protection Regulation (GDPR) in 2018, businesses across Europe and beyond have faced the complex task of ensuring compliance. The regulation was designed to provide individuals greater control over their personal data, thereby imposing stringent obligations on organizations that handle such data. Failing to comply can lead to hefty fines, reputational damage, and loss of customer trust. That's why businesses must proactively identify and close compliance gaps to mitigate these risks effectively. Let's dive into it.

Indicators of Compromise (IoCs): An Introductory Guide

To confirm cyberattack occurrences and build or enhance cyber-defense strategies, threat intelligence teams use a lot of information, including Indicators of Compromise (IoCs). These IoCs are actually forensic data that are critical in: The relevance of IoCs cannot be downplayed, but they're not all that’s needed in building an effective cybersecurity strategy. In this article, we’ll explore indicators of compromise, their types, and their relevance to threat intelligence teams.

Navigating NIS2 Readiness: Building Cyber Resilience with NinjaOne

As the NIS2 Directive reshapes the cybersecurity landscape across the EU, understanding how to meet these new compliance requirements is critical. This webinar will provide a comprehensive look at the key objectives of NIS2, its expanded impact on essential and important sectors, and practical strategies for aligning with these standards. We’ll explore the specific steps organizations can take to strengthen their cybersecurity posture, including proactive risk management, incident detection, and response measures.

Why website monitoring is essential for building digital trust

Your website: it's where your customers connect with you. It's the digital embodiment of your brand, the 24/7 ambassador communicating your value and building crucial relationships. But what if that vital communication channel breaks down? Slowdowns, outages, and especially security breaches can instantly erode customer trust, inflicting lasting damage on your reputation and revenue.