%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Mind Your Dependencies: Defending against malicious npm packages

Jan 25, 2022 By Ilya Khivrich In JFrog

Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.

Read Post

JFrog

Read more about Mind Your Dependencies: Defending against malicious npm packages

Evolve to a Risk-Based Vulnerability Remediation Strategy with a Cloud-Native Patch Management Solution - Now Available from Ivanti

Jan 25, 2022 By Robert Waters In Ivanti

Ransomware attacks are increasing in frequency and severity every year. The impact to companies is devastating. These attacks typically lead to lost business for companies as they often cause increased customer turnover, system downtime, diminished reputation and other adverse side effects.

Read Post

Ivanti

Read more about Evolve to a Risk-Based Vulnerability Remediation Strategy with a Cloud-Native Patch Management Solution - Now Available from Ivanti

What is the Essential Eight Maturity Model - and where does your data fit into the picture?

Jan 24, 2022 By Amie Hardgrave In Redgate

Join any conversation about cybersecurity in Australia and the Essential Eight Maturity Model may well be mentioned.

Read Post

Redgate

Read more about What is the Essential Eight Maturity Model - and where does your data fit into the picture?

Running regular security scans with scheduled pipelines

Jan 24, 2022 By Fikayo Adepoju In CircleCI

Security is a vital part of application development, yet it may be neglected until an attacker takes advantage of a vulnerability in the system. The consequences of a security breach can damage an application’s integrity as well as a company’s reputation and revenue. Software architects and engineers need to pay special attention to securing the systems they work on.

Read Post

CircleCI

Read more about Running regular security scans with scheduled pipelines

TOP 10 IT Trends

Jan 21, 2022 By Bhaskar Krishnamsetty In Fabrix

Observability has gained a lot of momentum in the past year, be it full stack observability or data observability. Modern complex IT systems using clouds, microservices and serverless are easy to develop and deploy but extremely difficult to observe. These systems generate tremendous amounts of data and need an automated way of handling the volume. The next era of delivering customer experience is underpinned by the full stack observability capability.

Read Post

Fabrix

Read more about TOP 10 IT Trends

Harnessing AIOps to Improve System Security

Jan 20, 2022 By Thomas Russell In Coralogix

You’ve probably seen the term AIOps appear as the subject of an article or talk recently, and there’s a reason. AIOps is merging DevOps principles with Artificial Intelligence, Big Data, and Machine Learning. It provides visibility into performance and system data on a massive scale, automating IT operations through multi-layered platforms while delivering real-time analytics.

Read Post

Coralogix

Read more about Harnessing AIOps to Improve System Security

Chatbots - Intro to Torq Webinar

Jan 20, 2022 By Torq In Torq

The challenges and workloads facing today’s security teams are not getting easier, but the response methods of security teams are still manual, utilizing a patchwork of security tools that are not connected nor communicating with each other. What if you could utilize your organization’s most common communication tool (i.e. Slack) to bring security communications and operations into every part of your organization?

View Video

Torq

Read more about Chatbots - Intro to Torq Webinar

LogStream for InfoSec: VPC Flow Logs - Reduce or Enrich? Why Not Both?

Jan 20, 2022 By Igor Gifrin In Cribl

In the last few years, many organizations I worked with have significantly increased their cloud footprint. I’ve also seen a large percentage of newly launched companies go with cloud services almost exclusively, limiting their on-premises infrastructure to what cannot be done in the cloud — things like WiFi access points in offices or point of sale (POS) hardware for physical stores.

Read Post

Cribl

Read more about LogStream for InfoSec: VPC Flow Logs - Reduce or Enrich? Why Not Both?

Continuously Securing Software Supply Chain

Jan 19, 2022 By JFrog In JFrog

Catch this session to see a breakdown of the recent news related to software supply chain security and what you can do to meet new requirements and protect your software from such attacks. With new software supply chain attacks reaching the spotlight at an accelerating pace, security research uncovering novel attack methods and new mandates and guidelines starting to come into effect — it can be hard to stay on top of the latest developments and their implications.

View Video

JFrog

Read more about Continuously Securing Software Supply Chain

9 Types of Phishing and Ransomware Attacks-And How to Identify Them

Jan 19, 2022 By James Saturnio In Ivanti

Cyberattacks have become more pervasive globally, evolving quickly in sophistication and scale, and are now more lucrative than ever for cybercriminals. Not only has The Everywhere Workplace extended the cyber risk and threat landscape—especially for data privacy and its protection—but a lot of Agile software developers, many of whom lack any DevSecOps process, are publishing untested or poorly tested software that can be exploited as zero-days by criminal gangs.

Read Post