Splunk Enterprise Security: Visibility into SaaS Apps
Watch how Splunk Enterprise Security gains visibility and insights from popular SaaS or Cloud-based apps to aid in detection and investigations.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Docker scanning for Jenkins CI/CD security with the Sysdig Secure plugin.
In this blog post we’ll cover how to implement Docker Scanning for Jenkins with the Sysdig Secure Jenkins plugin. The plugin can be used in both freestyle and pipeline jobs to scan images and fail the build if the image fails a policy evaluation.
CloudReady Single Sign-On SAML Integration
Exoprise recently released support for Security Assertion Markup Language (SAML) 2.0 integration to enable CloudReady Single Sign-On (SSO) for user access to CloudReady. Exoprise always supported testing and monitoring web-based SSO like ADFS, Ping, & Okta but had not gotten around to finishing our integrated SAML support – well wait no longer – its here! No more letting users manage passwords in CloudReady unless you want to.
Scanning images in Azure Container Registry.
With the 2.0 release of Sysdig Secure, we’re excited to support new integrations with services Azure provides around containers and Kubernetes. Today we’ll be diving deeper into how to integrate Sysdig Secure with ACR (Azure Container Registry) to scan images for for security, compliance, and reliability.
Capture Content Security Policy (CSP) Violations with Sentry
There are nearly two billion websites live at this very moment. That’s almost two billion chances for data to be stolen and malware to be distributed. Don’t worry! Or maybe do worry, but just not too much. Protections have been developed to keep data and websites safe.
Simplifying security auditing, Part 4: Securing web servers
Web servers are front-end facing applications that are vital for the daily operations of businesses. They are subject to attacks such as SQL injection, malicious URL requests, and the age-old classic, denial of service (DoS) attacks. While there are specialized web application security solutions that you can (and should) deploy, auditing web server logs is just as important for ensuring your web servers are secure and always up and running.
Top 5 Best Practices in Kubernetes Network Security & Compliance
While a microservice architecture, orchestrated by applications like Kubernetes, offers a tremendous business advantage for time to market, proper security and compliance controls must be put in place.
Restricting CFEngine to one CPU core using Systemd
In some performance critical situations, it makes sense to limit management software to a single CPU (core). We can do this using systemd and cgroups. CFEngine already provides systemd units on relevant platforms, we just need to tweak them. I’m using CFEngine Enterprise 3.12 on CentOS 7, but the steps should be very similar on other platforms/versions.
Creating a Cross Account IAM Role in AWS for CloudSploit
CloudSploit's AWS Security scanning service requires a third-party cross-account role with an external ID. Learn how to connect your AWS account securely to CloudSploit.
The Connected Home - How Secure Are All These Gadgets?
Connected or smart homes are becoming more commonplace as people use computer networks to control different aspects of their in-house technology. But how secure are these networks?