%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Mar 30, 2021 By Sysdig In Sysdig

Sysdig introduces continuous CSPM to the Sysdig Secure DevOps Platform, multi-cloud threat detection for AWS and GCP, and a new free-forever cloud security tier. With 70% of cyberattack breaches utilizing lateral movement, Sysdig uniquely detects and responds to threats across cloud and containers.

Read Post

Sysdig

Read more about Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Detect suspicious activity in GCP using audit logs

Mar 30, 2021 By Alejandro Villanueva In Sysdig

GCP audit logs are a powerful tool that track everything happening in your cloud infrastructure. By analyzing them, you can detect and react to threats. Modern cloud applications are not just virtual machines, containers, binaries, and data. When you migrated to the cloud, you accelerated the development of your apps and increased operational efficiency. But you also started using new assets in the cloud that need securing.

Read Post

Sysdig

Read more about Detect suspicious activity in GCP using audit logs

Cloud lateral movement: Breaking in through a vulnerable container

Mar 30, 2021 By Stefano Chierici In Sysdig

Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks to Cloud environments is a vulnerable application that is publicly available can serve as an entry point. From there, attackers can try to move inside the cloud environment, trying to exfiltrate sensitive data or use the account for their own purpose, like crypto mining.

Read Post

Sysdig

Read more about Cloud lateral movement: Breaking in through a vulnerable container

AWS CIS: Manage cloud security posture on AWS infrastructure

Mar 30, 2021 By Vicente Herrera García In Sysdig

Implementing the AWS Foundations CIS Benchmarks will help you improve your cloud security posture in your AWS infrastructure. What entry points can attackers use to compromise your cloud infrastructure? Do all your users have multi-factor authentication setup? Are they using it? Are you providing more permissions that needed? Those are some questions this benchmark will help you answer. Keep reading for an overview on AWS CIS Benchmarks and tips to implement it.

Read Post

Sysdig

Read more about AWS CIS: Manage cloud security posture on AWS infrastructure

Unified threat detection for AWS cloud and containers

Mar 30, 2021 By Vicente Herrera García In Sysdig

Implementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, clusters, stored information, and input/output data streams. When you add configuration and user management to the mix, it’s clear that there is a lot to secure!

Read Post

Sysdig

Read more about Unified threat detection for AWS cloud and containers

Getting started with cloud security

Mar 30, 2021 By Sysdig In Sysdig

Your application runs on containers and talks to multiple cloud services. How can you continuously secure all of it? With Sysdig you can. Continuously flag cloud misconfigurations before the bad guys get in. And suspicious activity, like unusual logins from leaked credentials. All in a single console that makes it easier to validate your cloud security posture. It only takes a few minutes to get started.

View Video

Sysdig

Read more about Getting started with cloud security

Micro Lesson: Administering Password Policy and Service Allowlist Settings

Mar 30, 2021 By Sumo Logic In Sumo Logic

This video explains how to administer password policy and service allowlist settings control using the Sumo Logic interface.

View Video

Sumo Logic

Read more about Micro Lesson: Administering Password Policy and Service Allowlist Settings

How can something called hardening be so easy?

Mar 30, 2021 By Puppet In Puppet

"How can something called hardening be so easy?" with Bryan Belanger from Fervid.

View Video

Puppet

Read more about How can something called hardening be so easy?

Credential management best practices for business process automations

Mar 29, 2021 By ManageEngine In ManageEngine

This webinar recording gives you a clear picture of the various credential-related perils that can surface because of implementing business process automation (BPA) workfows in your enterprise. Ganesh, our in-house IT security expert will walk you through the risks associated with hard-coding privileged credentials within application scripts and also provide you with a handful of security best practices to mitigate the risks and fortify your IT infrastructure from credential exposure through PAM360.

View Video

ManageEngine

BPM
Security

Read more about Credential management best practices for business process automations

Using Policy Analyzer to develop and debug CFEngine policy

Mar 29, 2021 By Craig Comstock In CFEngine

I have a setup at home where I keep a local git server running on a Raspberry Pi 3 which contains personal/work journal, dotfiles and a personal policy repository. It was set up manually so before adding a new git repository for a family password store I set about retrofiting the configuration in CFEngine. The goal in this blog is to ensure that what I have already is managed by CFEngine and that what I want to add, /srv/git/passwords.git, is created.

Read Post