Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Security in Go Modules and Vulnerabilities in GoCenter at GoSF Meetup in San Francisco

Feb 29, 2020 By JFrog In JFrog
Deep Datta from the JFrog Community Team shares his learnings about Go 1.13 introducing important security features to Go Modules including a checksumdb. He explains how this works and provides information on other tools in GoCenter that keep modules secure include vulnerability scanning and Jfrog Xray.
View Video
rapidspike

5.4 Million Customers Risk Credit Card Theft with Khaadi

Feb 28, 2020 By Sam Jenkins In RapidSpike

During research into client side attacks, we recently observed a skimmer loading on the popular Pakistani fashion website, Khaadi. Khaadi is a global brand including seven stores in the UK and the company boasts over 5.4 million followers on social media. Khaadi have faced negative press recently, after an uproar about inhuman workplace conditions in 2017, and narrowingly avoiding going into administration in 2019.

Read Post
logz.io

Integrating Palo Alto with Logz.io's Cloud SIEM

Feb 28, 2020 By Zach Hamilton In logz.io

First things first, why would you want to collect logs from Palo Alto and send them to a Cloud SIEM? There are many reasons. At its core, having a centralized location with a consistent user experience for managing alerts, notifications, and information coming from the technologies securing your environment can provide value in a lot of ways. In this blog, we’ll discuss how to collect, parse, and analyze Palo Alto logs in Logz.io Cloud SIEM, and how it can help secure your cloud workloads.

Read Post
manageengine

IT security: Keep calm and monitor PowerShell

Feb 27, 2020 By ADAudit Plus In ManageEngine

In our last release of the PowerShell security series, we talked about how PowerShell could be leveraged by malicious actors to gain unprecedented access to your organization’s critical assets. From enumerating sensitive domain information and carrying out credential-based attacks to running malicious executables in memory (file-less malware), we shined a light on the potential of PowerShell and why it’s an ideal weapon for cyber attackers today.

Read Post

Kubernetes Access Controls with Calico Enterprise - How to apply egress access controls

Feb 27, 2020 By Tigera In Tigera
No matter where you are in your Kubernetes journey, eventually you’ll have to connect your k8s cluster to external resources like databases, cloud services, and third-party APIs. A majority of existing workloads are non-Kubernetes, and at some point, your Kubernetes applications will need to communicate with them.
View Video
sumologic

Securing IaaS, PaaS, and SaaS in 2020 with a Cloud SIEM

Feb 27, 2020 By Sridhar Karnam In Sumo Logic
As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.
Read Post

DevSecOps Best Practices with JFrog Xray

Feb 26, 2020 By JFrog In JFrog
JFrog builds security products that enable organizations to trust their pipeline from development to deployment and production. In this webinar, you will learn how to leverage JFrog Xray to achieve radical transparency of the binary components in your data center. Understand the impact of these components on production system quality, performance, and architectural changes. We will also cover security topics such as circle of trust, security between locations, security replication, access tokens, and auditing.
View Video
elastic

The advantages of resource-based pricing in security

Feb 26, 2020 By Mike Nichols In Elastic

Given the complexity of large enterprise environments, coupled with the diversity of the vendor landscape, there is no single, agreed-upon “best” way to buy security. The battles continue between CAPEX or OPEX, net-30 or net-90, annual or multi-year, perpetual or subscription. One thing we do know, however, is that all too often the consumer pays for something he or she does not use.

Read Post
sumologic

A New Integration between Sumo Logic and ARIA Cybersecurity Solutions

Feb 26, 2020 By Sumo Logic In Sumo Logic
When thinking about many of the worst data breaches we’ve seen so far (Equifax, CapitalOne, Target, Home Depot, and more), there was one common element: The attacks were not detected while they were active on the internal networks. It’s easy to think of the internal network as what’s onsite and directly in control. However, an organizations internal network also includes what extends beyond what’s on-premises, like instances within the public cloud and off-site hosted data centers.
Read Post
honeybadger

Plugging Git Leaks: Preventing and Fixing Information Exposure in Repositories

Feb 25, 2020 By Julien Cretel In Honeybadger

Have you ever been neck-deep building a new feature? You're working at capacity. You need to test something out so you paste an API key into your source file with every intention of removing it later. But you forget. You push to GitHub. It's an easy mistake, and potentially a very expensive one. In this article, Julien Cretel explores the nuances of this kind of data leak, offers suggestions for recovery when leaks happen and gives us options for preventing them in the first place.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.