Defend Log4j Vulnerabilities with Cisco Secure Application
In this video, we demonstrate the benefits of using AppDynamics with Cisco Secure Application to investigate, detect, and block Log4j related vulnerabilities in production.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Security
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
RapidSpike Roundup 2021
2021 has been an incredible year for RapidSpike. We’ve produced some brilliant features and made platform changes to help our clients produce faster, safer and more reliable websites. Additionally, we’ve had some great successes as a company. Here are some of the highlights in the RapidSpike Roundup 2021.
"I love it when a plan comes together"-the questions to ask your customers before the next software vulnerability
I’m probably dating myself, but I used to love the television show The A-Team when I was little. Every week, the team would be put into the middle of a problem and work together to overcome some challenge. Plus, they had Mr. T and a really cool van.
Log4j and VMware Tanzu Application Service
This video goes into detail on how to perform application and platform mitigation of the Log4j CVEs using VMware Tanzu Application Service. Please note: This content is relevant as of 12/16/21 and could become outdated due to the ever-changing Log4j situation. Here are some additional resources regarding this vulnerability.
Experiment with Calico BGP in the Comfort of Your Own Laptop!
Yes, you read that right – in the comfort of your own laptop, as in, the entire environment running inside your laptop! Why? Well, read on. It’s a bit of a long one, but there is a lot of my learning that I would like to share. I often find that Calico Open Source users ask me about BGP, and whether they need to use it, with a little trepidation. BGP carries an air of mystique for many IT engineers, for two reasons.
Nastel Products Are Not Affected by Log4j Vulnerability Issues
Recent news about Log4j has enterprises and vendors scrambling for information and answers, including customers of messaging middleware and Integration Infrastructure Management (i2M) products. Nastel Technologies customers will not be exposed to any risks from this vulnerability, but enterprises are encouraged to check with their Cloud and other solution vendors to protect themselves and their data.
How we designed Ubuntu Pro for Confidential Computing on Azure
Not all data is destined to be public. Moving workloads that handle secret or private data from an on-premise setup to a public cloud introduces a new attack surface with different risks. As the public cloud environment shares its hardware infrastructure, a flaw in the clouds’ isolation mechanisms can be detrimental to the protection of sensitive data. The major public cloud environments tackle this by building their security following a defense-in-depth approach.
Log4j: Two Tricks to Make Your Next Vulnerability Less Chaotic
Tl;dr: Log4j is a mess, if you’re chasing down the applications, services and servers that use Java; consider the suggestions below to make zero day patching easier.
The wrong lessons to learn from the Log4j vulnerability
Log4j and Java sucks, but I don't use that, so I'm safe...right? Wrong. This video walks through the wrong lessons to take away from the huge Log4j remote code execution vulnerability, and points you at the lessons you should be learning instead. While the Log4j vulnerability may not directly affect you, its type of vulnerabilities certainly do.
SecOps for Safer, More Efficient ITOps
When the Nobel Prize for physics was announced in October 2021, one of the winners was Italian theoretical physicist Giorgio Parisi, whose groundbreaking research helped decode complex physical systems, opening the door for breakthroughs in mathematics, science, and artificial intelligence. Decoding complex physical systems? If the science thing didn’t work out, Parisi could have pursued a career in security operations.