%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Bits of Security, Security Panel

Apr 14, 2021 By Datadog In Datadog

Have a question you’ve been wanting to ask about security at scale, supply chain, or managing great security teams? Join our speakers, industry experts, and Datadog’s very own CISO for an AMA on the “Art of Defense.” We’ll explore all of the topics from the conference speaking sessions and open the door to questions on what we may see from attack and defense in 2021 and beyond.

View Video

Datadog

Read more about Bits of Security, Security Panel

Bits of Security

Apr 14, 2021 By Datadog In Datadog

The past year introduced a plethora of challenges for security practitioners. While the range of cyber attacks has been vast, these attacks have been confronted with creative defense tactics and techniques. Join Datadog for a practitioner-focused event where we will examine the “Art of Defense,” which will include a range of topics from social problems to engineering challenges around supply chain attacks.

View Video

Datadog

Read more about Bits of Security

Automatically Assess and Remediate the SolarWinds Hack

Apr 14, 2021 By Frank Zhu In JFrog

With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security — a critical issue for the DevOps community.

Read Post

JFrog

Read more about Automatically Assess and Remediate the SolarWinds Hack

Bits of Security, Snyk.io: Stranger Danger: Finding Security Vulnerabilities Before They Find You!

Apr 13, 2021 By Datadog In Datadog

Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk, since you’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and—most importantly—learn how to avoid or fix it.

View Video

Datadog

Read more about Bits of Security, Snyk.io: Stranger Danger: Finding Security Vulnerabilities Before They Find You!

Bits of Security, PedidosYa: Fraud Detection using Datadog and Sherlock

Apr 13, 2021 By Datadog In Datadog

From day one, most organizations,especially the big ones, are targeted with a broad range of attacks. These range from information exfiltration attempts to fraud. Although a great majority of them can be addressed with the help of a Web Application Firewall, there are some that require more extensive tooling. Join me as I show you how we use Sherlock and Datadog to block 30,000+ fraudulent users per week in seconds. We will also discuss other applications and how you can implement similar solutions.

View Video

Datadog

Read more about Bits of Security, PedidosYa: Fraud Detection using Datadog and Sherlock

Phishing and Ransomware: Connecting the Dots!

Apr 13, 2021 By James Saturnio In Ivanti

Phishing and ransomware. Ransomware and phishing. The two are inextricably connected and are now often chained together as the most potent exploit tools in a cybercriminal’s arsenal.

Read Post

Ivanti

Read more about Phishing and Ransomware: Connecting the Dots!

Endpoint Security Data Collection Strategy: Splunk UF, uberAgent, or Sysmon?

Apr 13, 2021 By Matthias Maier In Splunk

Many threats originate from the endpoint and detecting them requires insights into what happens on the endpoint. In this post we look at different endpoint activity data sources, comparing the benefits and capabilities of Splunk Universal Forwarder with vast limits uberAgent and homegrown solutions.

Read Post

Splunk

Read more about Endpoint Security Data Collection Strategy: Splunk UF, uberAgent, or Sysmon?

The Facebook data breach that affects over 533 million users explained

Apr 13, 2021 By StatusCake Team In StatusCake

If you’re a Facebook user, brace yourself for this one. It’s recently come to light that 533 million Facebook users’ details were found on a very suspicious hacker forum. The details found include users’ phone numbers, Facebook IDs, full names, locations, birthdays, and email addresses – all typical information that is stored on a Facebook account.

Read Post

StatusCake

Read more about The Facebook data breach that affects over 533 million users explained

Kubei walk-through: A Kubernetes Runtime Vulnerabilities Scanner - Milind Chawre

Apr 13, 2021 By Civo In Civo

Kubei is a vulnerabilities scanning and CIS Docker benchmark tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters.

View Video

Civo

Read more about Kubei walk-through: A Kubernetes Runtime Vulnerabilities Scanner - Milind Chawre

Unveil hidden malicious processes with Falco in cloud-native environments

Apr 13, 2021 By Kaizhe Huang In Sysdig

Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.

Read Post