
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Building Cyber Resilience Through Collaboration

As cyber threats grow in sophistication and frequency, organizations worldwide are grappling with the challenge of safeguarding their systems and data while maintaining operational continuity. Cyber resilience, the ability to prepare for, respond to, and recover from cyber incidents, is no longer just a competitive advantage; it’s a critical necessity.

How to make Kosli generic attestations using the kosli-attest-generic command

All but one of the kosli attest commands calculate the true/false compliance value for you based on their type. For example, kosli attest snyk can read the sarif output file produced by a snyk scan. The one that doesn’t is kosli attest generic which is “type-less”. It can attest anything, but Kosli cannot calculate a true/false compliance value for you. Often the tool you are using can generate the true/false value, which is then easy to capture.

Building Next-Generation SIEM Operations for Enterprise Security

Cybersecurity today is not just about defending against attacks. It’s about proactively managing risks in a landscape where threats are growing in volume and sophistication. With data volumes rising by 30% in just the past year and the average cost of a data breach now exceeding $4 million, traditional Security Information and Event Management (SIEM) systems are no longer enough.

Moving to a zero-trust model with Kosli's custom attestations

The Kosli CLI provides several attest commands, such as kosli attest snyk, kosli attest jira, etc. These attestations are “typed” - each one knows how to interpret its own particular kind of input. For example, kosli attest snyk interprets the sarif file produced by a snyk container scan to determine the true/false value for that individual attestation.

How to Discover Advanced Persistent Threats in AWS

When it comes to managing AWS cloud security, a growing concern for security operations (SecOps) teams is the increasing sophistication of digital threats. While conventional cyber threats deploy widely known tools and techniques in crude, all-or-nothing attempts to breach enterprise security controls, sophisticated attacks known as Advanced Persistent Threats (APTs) employ more advanced technologies and methods to gain and maintain access to secure systems for long periods of time.

The Four Big Questions of Cybersecurity | Security Insights, Ep. 47

Ivanti's Chris Goettl and Robert Waters take on four big questions facing cybersecurity teams today, namely: Listen in for those questions and a few answers too. Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best. Ivanti is IT for the way we work now. Integrated solutions for everything IT touches. So, employees can work better, anywhere, and everywhere.

Cyber Security Risk Management: Frameworks and Best Practices

Cyber threats, since 2020, have become a silent epidemic for enterprises and customers alike. Sounds dramatic? Think again: In 2023, cyberattacks hit enterprises every 39 seconds and burnt through $4.99 million per hit, making security not just an IT checklist but a critical enterprise-wide priority. Fast forward to 2025, and the message is clear: adapt or lose out to your competitors.

Integrating Google SecOps with Bindplane January 2025

Google SecOps (formerly Chronicle) is Google Cloud's security operations platform (SIEM) that helps you detect, investigate, and respond to cybersecurity threats. Integrating Bindplane gives you an easy way to standardize how you efficiently collect, process, and forward security-relevant data to Google SecOps. In this webinar you’ll get a hands-on demo of how to configure log collection with the BindPlane Agent, and best practices for data standardization using open standards and OpenTelemetry. This will let you focus on the important task of investigating threats with Google SecOps instead of configuring telemetry pipelines.