Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Working in the SOC with Power Tools: Splunk and Polarity

Have you ever had to saw through a board by hand? I had to finish a partial cut by hand the other day while building a new mantle for my fireplace. It’s slow and difficult, and it often results in a lesser quality cut than one done with a power tool. It’s good exercise, though! We should all have to do it at least once so we appreciate our power tools more.

Understanding how attackers move inside your organization

Cyberthreats have been coming at us from the left, right, and center. The number of cyberattacks is forever on the rise, and companies need to keep ramping up their security measures to protect themselves. It’s important that these measures cover every aspect of a network environment. To understand why monitoring your whole environment is so important, let’s take a look at what an attacker might do once they get inside your organization.

Monitor Auth0 with Datadog

Auth0 provides identity as a service (IDaaS), allowing you to secure your apps and APIs without having to write your own authorization code. Auth0 can work with social identity providers (IdP) like Google and Facebook so your users can access your app by using their existing accounts for authentication. You can also use an existing enterprise identity provider (e.g., LDAP) to allow your users to leverage single sign-on (SSO) across multiple apps.

Best Practices: Onboarding Jfrog Xray

JFrog Xray is a Software Composition Analysis tool (SCA) which is tightly integrated with JFrog Artifactory to ensure security and compliance governance for the organization binaries throughout the SDLC. This video provides best practices learned from customers for successfully deploying JFrog Xray into your organization and performing a real Shift-Left. It will focus on two keys to success, 1. involving R&D and 2. starting small and working in cycles.

Kubernetes Q3-2020: Threats, Exploits and TTPs

Kubernetes has become the world’s most popular container orchestration system and is taking the enterprise ecosystem by storm. At this disruptive moment it’s useful to look back and review the security threats that have evolved in this dynamic landscape. Identifying these threats and exploits and being a proactive learner may save you a lot of time and effort…as well as help you retain your reputation in the long run.

What Is an MSP and What Makes It Unique in the IT World?

MSPs use a variety of powerful IT tools to offer services to their customers and help small businesses compete against larger industry players. When considering whether a business should outsource its IT department to a managed services provider (MSP), the first step is understanding exactly what an MSP is and what it can do. This guide will explain how MSPs support small businesses, the many benefits of enlisting their services, and why they’re important for economic growth.

Email Security Risks: Why You Need a Cyber Security Plan

Even though technology has advanced significantly over the past few decades, hackers and cybercriminals still target large volumes of email messages daily. Some of the biggest types of things that get sent through email include malware, ransomware, trojans, and viruses. These things are often disguised in some sort of “friendly” email message, an embedded link, or a cute kitten meme.

Monitor SSL TLS Certificate Expiration

Secure Socket Layer (SSL) and its successor, Transport Layer Security (TLS) are protocols designed to safeguard traffic over the internet. SSL certificates allow websites to move from HTTP to HTTPS, a more secure communication channel on a network. Starting this September, the lifespan of an SSL/TLS certificate will be limited to 398 days, a reduction from the previous maximum certificate lifetime of 825 days.

Advanced Active Directory attacks: Simulating domain controller behavior

There was a time when cyberattacks on identity and authentication infrastructures [like Active Directory (AD)] were immensely challenging to perform. A lot of forethought had to be put into devising a plan for the careful execution of attacks, and advanced technical knowledge of domains and networks was a requisite. Over time, with the advent of open-source pen testing tools, the knowledge gap and the complexities involved to carry out a full-scale cyberattack have narrowed drastically.