Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

RapidSpike - Who are we?

May 6, 2022 By RapidSpike In RapidSpike

⚡️ In a world dominated by e-com, RapidSpike provides next-generation website monitoring to global brands. 🔎 On the digital high street, they are the mystery shopper, in-store detective and protector of reputations and revenue. 📈 Human enhanced SaaS turning every fail into a pass. 👇 Listen to RapidSpike’s story so far…

View Video

RapidSpike

Read more about RapidSpike - Who are we?

Efforts to Secure OSS fired up after Log4Shell

May 6, 2022 By Ciara Carey In Cloudsmith

Who would have thought software could rattle the White House? But a vulnerability in Log4J, a popular open source software project, exposed critical digital infrastructure to remote code execution attacks. This prompted the US Government to engage big tech, infosec professionals, and open source organizations to come together to help secure open source software.

Read Post

Cloudsmith

Read more about Efforts to Secure OSS fired up after Log4Shell

DevOps Horror Stories: Repository of Horror

May 6, 2022 By Alan Carson In Cloudsmith

Just when you thought it was safe to go back in the water... Is there anything more frightening than the unknown? Anything the mind can conjure up is frequently scarier than something realized. The shark in Jaws is terrifying because you don’t see it until it’s too late. It’s a silent, relentless death machine, hiding in the water. A software vulnerability is the unknown, hidden deep within an ocean of code, packages and container dependencies.

Read Post

Cloudsmith

Read more about DevOps Horror Stories: Repository of Horror

Elastic Announces New Capabilities to Help Customers Solve Their Biggest Business Challenges

May 5, 2022 By Elastic In Elastic

Enabling Customers to Build Seamless Search Experiences, Accelerate Troubleshooting of Cloud-Native Services, and Streamline Security Analyst Workflows.

Read Post

Elastic

Read more about Elastic Announces New Capabilities to Help Customers Solve Their Biggest Business Challenges

Millions of IoT devices and routers could have a mega security flaw

May 5, 2022 By curatauser In meshIQ

An unpatched vulnerability in a popular C standard library found in a wide range of IoT products and routers could put millions of devices at risk of attack. The vulnerability, tracked as CVE-2022-05-02 and discovered by Nozomi Networks, is present in the domain name system (DNS) component of the library uClibc and its uClibc-ng fork from the OpenWRT team.

Read Post

meshIQ

Read more about Millions of IoT devices and routers could have a mega security flaw

7 Important Things to Include in Your Company Security Policy

May 5, 2022 By Mia Naumoska In Internxt

We live in risky times. Security incidents and data breaches are more common than ever and digital-minded companies usually bear the brunt of it. Organizations are constantly at risk and can be compromised in no time by ransomware, cyberattacks, social engineering, and corporate espionage. But, in truth, the most common way companies are undermined and infiltrated is through the actions of individual members inside of the organization itself.

Read Post

Internxt

Read more about 7 Important Things to Include in Your Company Security Policy

What Is DevSecOps? How Great Developers Shift Left for Security

May 5, 2022 By David Pickering In Ivanti

In the alphabet soup of IT buzzwords, DevSecOps is one of the more confusing abbreviations. More than just a trendy buzzword, DevSecOps is the mature organization’s next evolution in comprehensive development processes.

Read Post

Ivanti

Read more about What Is DevSecOps? How Great Developers Shift Left for Security

Getting Better Sysmon Data Using Cribl Stream

May 5, 2022 By Ed Bailey In Cribl

System Monitor, better known as Sysmon, is one of my favorite security datasets. The data is crazy detailed and offers a great way to power security detection and response since it gives cyber security teams a roadmap to understand exactly what systems or people are doing while they use any Windows operating systems. The avalanche of the data is the downside and why observability engineers need tools like Cribl Stream to manage and enrich Sysmon data to make it more useful and more cost-effective.

Read Post

Cribl

Read more about Getting Better Sysmon Data Using Cribl Stream

ElasticON Solution Series Keynote: Celebrating 10 Years of Elastic

May 5, 2022 By Elastic In Elastic

Learn more about Elastic's origin story and how the world's most popular search engine evolved into the leading platform for search-powered solutions. Since the release of Elastic 7.0 there have been 17 additional 7.x releases. In less than 20 minutes you’ll hear the highlights from two years of Elastic 7.x and explore the latest news from 8.x — and — what’s to come in the future. Speaker: Mike Nichols, Product Lead - Elastic Security, Elastic

View Video

Elastic

Read more about ElasticON Solution Series Keynote: Celebrating 10 Years of Elastic

NinjaOne Partnership with SaaS Alerts Provides Enhanced Security

May 4, 2022 By Jim Lippie In NinjaOne

Managed Service Providers (MSPs) are charged with protecting their customers from all of the threat vectors that target devices, networks, and applications. The diligence required to provide this level of protection for customers is unending. However, if an MSP is going to properly secure their customers’ environments, they first must secure their own, which is why NinjaOne has collaborated with the cybersecurity company SaaS Alerts to better protect MSPs from RMM supply chain attacks.

Read Post