The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Why You Need to Closely Monitor Your Exchange Servers

Monitoring your on-prem and hybrid cloud infrastructure has always been important. With an ever-growing rise in cyber attacks, zero-day exploits, and insider threats, keeping track of your infrastructure has a renewed level of significance. Microsoft Exchange is one of the most prominent enterprise systems in use today, with both cloud and on-prem iterations.

Assessing the cybersecurity landscape

In the latest installment of the ManageEngine Insights' podcast, enterprise analyst John Donegan sits down with Andy Bates, the executive director of the Global Cyber Alliance. An expert in the field of cybersecurity, Bates discusses current IT security trends, attack vectors, crime deterrents, and other emerging issues, such as biometrics and blockchain technologies. Bates also addresses user psychology as it relates to IT security, as well as some of the silver linings of the COVID pandemic.

Continuous integration that you can trust: announcing SOC 2 certification

At CircleCI, we care about security - in 2018, we became the first CI/CD tool to meet the rigorous security and privacy standards required by government agencies to get FedRAMP authorized. Now, CircleCI is SOC 2 certified, adding another industry-recognized security accreditation.

IAM Policies: Good, Bad & Ugly

In my last post, we looked at the structure of AWS IAM policies and at an example of a policy that was too broad. Let's look at a few more examples to explore how broad permissions can lead to security concerns. By far the most common form of broad permissions occurs when policies are scoped to a service but not to specific actions.

Splunk SOAR Playbooks: Azure New User Census

Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than using a web shell or continuing to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.

Run confidently with secure DevOps

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime, performance, and protection are another. For cloud teams already running in production, one fact is clear: monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native environments, DevOps is not enough. It's time for secure DevOps.

Taking Automation Beyond the SOC With Advanced Network Access Control

Security orchestration, automation and response (SOAR) tools are most commonly known for automating manual security operations processes in order to expedite security investigations or cyber response. For instance, Splunk’s SOAR technology, Splunk Phantom, is most commonly used to automate alert triage, phishing investigation and response, threat hunting and vulnerability management.

Web Access Control Redefined

One of the focuses of version 2.9 of Icinga Web 2 will be on access control. For years now, Icinga Web 2 has had a very simple role-based access control (RBAC) implementation. This suited most of our users fine. However, there were still some requests to enhance this further. The next major update of Icinga Web 2 (version 2.9) and Icinga DB Web will allow users to configure exactly this.

How Calico Cloud's runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554

Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable. Despite this, there is currently no patch for the issue.