
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Elastic Security provides free and open protections for SUNBURST

On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platform. The attack affects Orion versions 2019.4 HF 5 through 2020.2.1, software products released between March and June of 2020. Likewise, on December 13, FireEye released information about a global campaign involving SolarWinds supply-chain compromise that affected some versions of Orion software.

3 Tips for MSPs to Handle Cyber Attacks

Managed service providers (MSPs) face ransomware, malware, and other cyber attacks — and these issues can affect both MSPs and their clients. To understand the full impact of an MSP cyber attack, let’s examine the topic in more detail. Businesses use MSPs to manage IT infrastructure and other resources. In doing so, businesses outsource the maintenance and care of applications, networks, security, and other aspects of their IT operations to a third party.

SUNBURST Backdoor: What to look for in your logs now - Interview with an incident responder

Yesterday, FireEye published a report about a global intrusion campaign that utilized a backdoor planted in SolarWinds Orion. Attackers gained access to the download servers of Orion. They managed to infect signed installers downloaded by Orion users, who had every reason to believe that the packages were safe and had not been tampered with. With this information out in the world, teams are scrambling to investigate whether their environments are affected by this breach.

Secure Your Cloud Transformation with Continuous Intelligence

CrowdStrike and Sumo Logic work together to identify security threats and defend against IOCs in a hybrid environment. Customers gain knowledge on adversaries which may be targeting their assets and organisation via strategic, operational and technical reporting and alerts. During this session, we’ll hear from Australian private health provider, NIB, on how Sumo Logic and CrowdStrike have worked together to help NIB secure its digital transformation and cloud environment.

Tapping Native Controls in Kubernetes to Protect Your Cloud-Native Apps

As companies adopt container technologies, they face a significant challenge: how do we secure this new attack surface? It’s an issue that you often see backlogged in favor of solving storage, networking and monitoring issues. Add on the challenge of educating the workforce on one of the fastest-growing open source projects to date, and it’s no wonder security has lagged as the primary focus for teams.

How to Remediate Unencrypted S3 buckets

Cloud environments are always susceptible to security issues. A significant contributor to this problem is misconfigured resources. Traditional IT infrastructure was somewhat static; server hardware only changed every few years. With few changes occurring, security was also more static. The modern cloud environment is a much different challenge. In cloud environments, servers, services, and storage are created with automation, resulting in a dynamic and potentially ever-changing server environment.

Enabling Secure Kubernetes Multi-Tenancy with Calico Enterprise

When you have different teams interacting with a Kubernetes cluster, you need to think about the security, privacy, and observability challenges associated with multi-tenancy: how do you give each team access to the specific resources it needs, in a way that lets the team stay agile, without risking impact on other teams? In this session, we’ll explore the Kubernetes multi-tenancy concepts and design patterns needed to successfully enable multi-tenancy within your Kubernetes clusters using key capabilities of Calico Enterprise.

Datadog on Serverless

The Datadog Security Platform team leverages Serverless to ingest security events across many different cloud providers, deployment platforms, and devices. These security events are then transformed and shipped to a data lake to help defend and protect the platform as a whole. Once there, these ingested events are used to drive internal investigations, create internal security alerts, and reason about security incidents.

Coordinated disclosure of XML round-trip vulnerabilities in Go's standard library

This blog post is a part of Mattermost’s public disclosure of three serious vulnerabilities in Go’s encoding/xml related to tokenization round-trips. The public disclosure comes as a result of several months of work, including collaborating with the Go security team since August 2020 and with affected downstream project maintainers since earlier this month.