%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

CFEngine: The Agent Is In 11 - Infrastructure Hardening With CFEngine & Lynis

Mar 31, 2022 By CFEngine In CFEngine

"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.

View Video

CFEngine

Read more about CFEngine: The Agent Is In 11 - Infrastructure Hardening With CFEngine & Lynis

What is Red Teaming in Cyber Security? The Complete Guide

Mar 31, 2022 By Coralogix In Coralogix

Red teaming is the practice of asking a trusted group of individuals to launch an attack on your software or your organization so that you can test how your defenses will hold up in a real-world situation. Any organization reliant on software – including banks, healthcare providers, government institutions, or logistics companies – is potentially vulnerable to cyberattacks, such as ransomware or data exfiltration.

Read Post

Coralogix

Read more about What is Red Teaming in Cyber Security? The Complete Guide

Automated Just-In-Time Permissions Using JumpCloud+Torq

Mar 31, 2022 By Torq In Torq

For security teams, properly managing which users can access resources and governing the level of access those users have is about as basic as locking the door at night. Understandably then, there are thousands of options available to fine-tune or revoke access, and it’s likely that issues come up daily for most companies—if not hourly.

Read Post

Torq

Read more about Automated Just-In-Time Permissions Using JumpCloud+Torq

Trigger arbitrary code from PostgreSQL

Mar 31, 2022 By Vratislav Podzimek In CFEngine

In this blog post we show how it is possible to run an arbitrary program, script, or execute arbitrary code in reaction to changes and generally events in a PostgreSQL database.

Read Post

CFEngine

Read more about Trigger arbitrary code from PostgreSQL

Building Your Security Analytics Use Cases

Mar 31, 2022 By Graylog Security Team In Graylog

It’s time again for another meeting with senior leadership. You know that they will ask you the hard questions, like “how do you know that your detection and response times are ‘good enough’?” You think you’re doing a good job securing the organization. You haven’t had a security incident yet. At the same time, you also know that you have no way to prove your approach to security is working. You’re reading your threat intelligence feeds.

Read Post

Graylog

Read more about Building Your Security Analytics Use Cases

Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)

Mar 31, 2022 By Lukonde Mwila In Rancher

Having multiple environments that can be dynamically configured has become akin to modern software development. This is especially true in an enterprise context where the software release cycles typically consist of separate compute environments like dev, stage and production. These environments are usually distinguished by data that drives the specific behavior of the application.

Read Post

Rancher

Read more about Managing Sensitive Data in Kubernetes with Sealed Secrets and External Secrets Operator (ESO)

Elastic on Elastic - Using Elastic Observability to optimize the performance of detection rules in Elastic Security

Mar 30, 2022 By Dmitrii Shevchenko In Elastic

Elastic Security’s developer support team has recently seen a surge in reports from customers about sluggish performance in our UI. Our initial inspection of logs for troubleshooting provided some insights, but not enough for a true fix. Luckily, we have Elastic Observability and its APM capabilities to dive in deeper and look under the hood at what was really happening within Elastic Security. And, more importantly, how we could improve its performance for customers.

Read Post

Elastic

Read more about Elastic on Elastic - Using Elastic Observability to optimize the performance of detection rules in Elastic Security

What is Data Encryption and Why It's Recommended for Really Safe Online Security

Mar 30, 2022 By Internxt Team In Internxt

Encryption has come a long, long way over the last few years. Something once reserved only for militaries and governments, encryption has been made super accessible and has become standard practice in the tech industry. Whether it’s texts, photos, or word docs - it can, and should, be encrypted. Put simply, encryption scrambles any file sent or stored online into unreadable nonsense that can only be translated (or decrypted) by a user with a key.

Read Post

Internxt

Read more about What is Data Encryption and Why It's Recommended for Really Safe Online Security

Chrome Zero Day: Find vulnerable devices for patching

Mar 30, 2022 By InvGate In InvGate

Google issued an emergency security update due to the severity of exploit CVE-2022-1096. A few days later, Microsoft joined the recommendation, advising Chromium Edge users to update their browsers as well. Therefore, if you haven’t already, you should check your browser details to check if it’s updated to version 99.0.4844.84 of Chrome or version 99.0.1150.55 or higher of Edge. Matt Beran shows you how you can find vulnerable devices across your inventory for proactive patching using InvGate Insight.

View Video

InvGate

Read more about Chrome Zero Day: Find vulnerable devices for patching

Chrome zero-day: find devices with vulnerabilities across your inventory

Mar 30, 2022 By InvGate In InvGate

If you’re an asset manager or an application administrator, you must have had - or are about to have - a lot of work since there’s a new Chrome zero-day vulnerability in the wild. Google issued an emergency security update due to the severity of exploit CVE-2022-1096. A few days later, Microsoft joined the recommendation, advising Chromium Edge users to update their browsers as well.

Read Post