Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Sponsored Post
chaossearch

From Silos to Collaboration: How to Democratize Data in Product Analytics

Mar 31, 2026 By David Bunting In ChaosSearch
Companies who develop software products generate massive quantities of product performance and user engagement data that can be analyzed to support decision-making about everything from feature planning and UX design to sales, marketing, and customer support. Leveraging product data throughout the enterprise represents a significant opportunity to achieve a competitive advantage, but challenges like siloed data systems, poor data literacy, and the complexity of data analytics in the cloud can prevent organizations from making full use of their raw data.
Read Post
Why Authorization Management in Microsoft Dynamics Is a Security Gap Most IT Teams Overlook

Why Authorization Management in Microsoft Dynamics Is a Security Gap Most IT Teams Overlook

Mar 31, 2026 By OpsMatters In OpsMatters
Enterprise security strategies tend to focus on perimeter defense. Firewalls, endpoint protection, email filtering and network segmentation receive the bulk of attention and budget. Those investments are justified. But they create a blind spot in environments where the real risk sits inside the system, not outside it. Microsoft Dynamics 365 and Business Central are used by thousands of organizations to manage finance, procurement, inventory and customer data. The users who access those systems every day have permissions that determine what they can see, change, approve and export.
Read Post
certkit

Let's Encrypt simulated revoking 3 million certificates. Most ACME clients didn't notice.

Mar 30, 2026 By Todd H. Gardner In CertKit
On March 19th, Richard Hicks, one of our customers, emailed us about a certificate that had renewed after only a week. It was a 90-day certificate and he had not initiated the renewal. That’s the kind of thing that sends you straight to the logs. We found the answer right away. The certificate’s ARI renewal window had been shortened dramatically.
Read Post
canonical

How to Harden Ubuntu SSH: From static keys to cloud identity

Mar 30, 2026 By Massimiliano Gori In Canonical
30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, default SSH configurations are an “open door” that represents an unacceptable risk.
Read Post
harness

It's Time to Rethink Untrusted Code in Your Pipeline | Harness Blog

Mar 30, 2026 By Jyoti Bansal In Harness
The catastrophic TeamPCP exploit in March 2026 demonstrated that "open execution" models, in which third-party code runs with full privileges, have made CI/CD pipelines a primary target for global credential harvesting. There are better architectures. On March 19th, the risks of running open execution pipelines — where what code runs in your CI/CD environment is largely uncontrolled — went from theoretical to catastrophic.
Read Post
Mastering CompTIA Security+ SY0-701 Certification for a Strong Cybersecurity Career

Mastering CompTIA Security+ SY0-701 Certification for a Strong Cybersecurity Career

Mar 29, 2026 By OpsMatters In OpsMatters
Cybersecurity has become one of the fastest-growing fields in the IT industry, and earning a globally recognized certification is one of the best ways to enter this domain. The CompTIA Security+ certification is widely respected because it validates essential skills in risk management, network security, cryptography, and threat detection. This certification is especially valuable for beginners and intermediate IT professionals who want to build a strong foundation in cybersecurity principles and practices.
Read Post
canonical

The "scanner report has to be green" trap

Mar 27, 2026 By Lech Sandecki In Canonical
In the modern DevSecOps world, CISOs are constantly looking for signals in the noise, and the outputs of security scanners often carry a lot of weight. A security scan that returns a “zero CVE” report often unlocks promotion to production; a single red flag can block a release. This binary view of security has birthed two diametrically opposed philosophies. On one side, we have the long-term support (LTS) approach: stay on a battle-tested version and backport specific security fixes.
Read Post

Observability and Security for the AI Era

Mar 27, 2026 By Datadog In Datadog
Datadog has always been driven by a broader vision of helping teams understand and operate complex systems. In this session, you’ll hear from Yrieix Garnier, VP of Product, and Hugo Kaczmarek, Senior Director of Product, as they share the latest updates across the Datadog product suite and discuss how that vision continues to shape the platform’s evolution and support the next generation of AI-driven applications.
View Video
Continuous Threat Exposure Management (CTEM): A Proactive Defense Strategy for Modern Cybersecurity

Continuous Threat Exposure Management (CTEM): A Proactive Defense Strategy for Modern Cybersecurity

Mar 27, 2026 By OpsMatters In OpsMatters
In today's rapidly evolving digital world, cyber threats are becoming more sophisticated, frequent, and damaging. Organizations can no longer rely solely on traditional, reactive cybersecurity methods. Instead, they must adopt a proactive approach to identify and eliminate risks before attackers exploit them. This is where Continuous Threat Exposure Management (CTEM) plays a critical role. CTEM is redefining how businesses approach cybersecurity by offering continuous visibility into vulnerabilities, threats, and risks across their entire IT environment.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.