[Webinar] Securing Sensu: setting up client certificates
In this 30-minute webinar, Sensu Developer Advocates Jef Spaleta and Todd Campbell walk through setting up client certificates in Sensu Go (including what they are and why they matter).
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Security
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Securing your SaaS apps in 2020: 3 pillars you can't neglect
In 2010, cloud computing just started to lead the IT revolution. It’s 2020 and the cloud is already mainstream. If you’re not running your business in virtual yet, you’re missing out on huge profit opportunities and capabilities that the cloud has to offer. Adopting a cloud strategy brings better security, increased stability and overall greater flexibility for your organization.
New Year Magecart Attacks include Australian Bushfire Donation Sites
Here’s the latest news on Magecart and other website attacks! We’ve trawled the web for the latest news of data breaches, including updates on previous attacks with insights from our own Security Research Team.
Micro Lesson: Managing Access Keys (Conceptual)
This video explains the benefits and importance of using access keys in Sumo Logic.
NSA's Windows 10 Advisory - Is Your OS Really Secure?
New year, same old problems for Windows 10. But it doesn’t have to be that way. Earlier this month the United State’s National Security Agency (NSA) announced that they discovered a major vulnerability in Windows 10 and Windows Server 2016 that could have had dire consequences for businesses around the world. The vulnerability places Windows endpoints at risk to a broad range of exploitation vectors NSA official cybersecurity advisory
Unpatched zero-day vulnerability in Internet Explorer exploited in the wild
Barely a week after Patch Tuesday, internet security company Qihoo 360 has discovered yet another vulnerability in Internet Explorer (IE), this time due to a remote code execution vulnerability in the jscript.dll scripting engine. The vulnerability, identified as CVE-2020-0674, is considered Critical for IE 11, and Moderate for IE 9 and IE 10.
Okta: Atlassian product suite most popular app of the year
Atlassian and Opsgenie are among the most popular apps in the Okta network this year, according to a new report from the security company. From the report: Okta’s Business @ Work 2020 Report takes an in-depth look at how organizations and people work, exploring industries and customers, and the applications and services they use to harness productivity.
Using Auditbeat to protect your critical infrastructure
Beats are lightweight, purpose-built agents that acquire data and then feed it to Elasticsearch. Beats use the libbeat framework that makes it easy to create customized beats for any type of data you’d like to send to Elasticsearch. Auditbeat is a lightweight shipper from the Beats family that you can install on your servers to audit the activities of users and processes on your systems.
Kubernetes Master Class: How to harden your Kubernetes Clusters
As enterprises accelerate their adoption of containers and Kubernetes, they need to take necessary steps to protect such a critical part of their compute infrastructure. But not everyone has the same security needs, with developers and engineers often asking for different levels of granular control on specific configurations. This masterclass will help you navigate these conversations using Rancher’s current best practice security guidance. Topics to be covered will include:
Announcing secrets management in Sensu Go
In order to determine the health and current state of your systems, monitoring by its very nature requires access to internal and external services. Traditionally, users have had to get creative in terms of how they expose sensitive information (secrets, like access credentials) to their monitoring tool; operators typically would leverage local environment variables or give up entirely by putting secrets in the monitoring configuration.