Operations | Monitoring | ITSM | DevOps | Cloud

websitepulse

Small Business Cybersecurity: Uncovering the Vulnerabilities That Make Them Prime Targets

Sep 29, 2023 By Simon Rodgers In WebSitePulse

According to a 2021 report by Verizon, almost half of all cyberattacks target businesses with under 1,000 employees. This figure is steadily rising as small businesses seem to be an easy target for cybercriminals. 61% of SMBs (small and medium-sized businesses) were targeted in 2021. But why are small businesses highly vulnerable to cyberattacks? We are looking into where the vulnerabilities are and what small businesses can do to protect themselves.

Read Post
graylog

An Introduction to the OWASP API Security Top 10

Sep 7, 2023 By Jeff Darrington In Graylog
If you ever watched Stargate, then you have some understanding of how application programming interfaces (APIs) work. While APIs don’t give you the ability to traverse the galaxy using an alien wormhole, they do act as digital portals that allow data to travel between applications. However, as sensitive data moves from one application to another, each API becomes a potential access point that threat actors can exploit.
Read Post

This VideoGame Vulnerability was a Huge Headache: Unpacking Log4j Ep.22 | Security Insights Podcast

Aug 10, 2023 By Ivanti In Ivanti
Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best. Ivanti is IT for the way we work now. Integrated solutions for everything IT touches. So, employees can work better, anywhere, and everywhere.
View Video
solarwinds

Common API Vulnerabilities and How to Secure Them

Aug 7, 2023 By Papertrail Team In SolarWinds
Application programming interfaces (APIs) have become a critical part of almost every business. APIs are responsible for transferring information between systems within a company or to external companies. For example, when you log in to a website like Google or Facebook, an API processes your login credentials to verify they are correct.
Read Post
onpage

The DevSecOps Toolchain: Vulnerability Scanning, Security as Code, DAST & More

Jul 28, 2023 By Gilad Maayan In OnPage

DevSecOps is a philosophy that integrates security practices within the DevOps process. DevSecOps involves creating a ‘security as code’ culture with ongoing, flexible collaboration between release engineers and security teams. The main aim of DevSecOps is to make everyone accountable for security in the process of delivering high-quality, secure applications. This culture promotes shorter, more controlled iterations, making it easier to spot code defects and tackle security issues.

Read Post

End-to-End Risk-Based Vulnerability & Patch Management from Ivanti

Jul 26, 2023 By Ivanti In Ivanti
Ivanti has created an end-to-end vulnerability prioritization and patching experience to automate the handoff of CVEs from security teams to IT ops. Customers can now remediate vulnerabilities more quickly and easily than ever with this risk-based vulnerability and patch management solution. Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best.
View Video

Spotting Vulnerabilities at Rest and at Runtime feat. Cloudsmith and Sysdig

Jul 18, 2023 By Cloudsmith In Cloudsmith
The rise and popularity of containers and Kubernetes have revolutionised the IT industry but also introduced a lot of complexity including a huge number of vulnerabilities coming from different container image layers. To master those vulnerabilities both DevOps and Security teams are struggling to prioritise and address them, often without sufficient clarity or accountable insights.
View Video
NinjaOne

Unpatched Microsoft 0-Day: How to Mitigate CVE-2023-36884 with PowerShell

Jul 13, 2023 By Jonathan Crowe In NinjaOne

Microsoft's July 2023 Patch Tuesday updates highlighted several vulnerabilities under active exploitation, including one (or more?) that remains unpatched. Here's what you need to know about CVE-2023-36884, a zero-day vulnerability that attackers are exploiting to gain remote code execution via "specially-crafted" Microsoft Office documents.

Read Post
grafana

Trusted Types: How we mitigate XSS threats in Grafana 10

Jul 11, 2023 By Kristian Bremberg, Tobias Skarhed In Grafana

Grafana is a rich platform for data visualization, giving you full control over how your data should be visualized. However, this flexibility and freedom comes with some challenges from a security perspective — challenges that need to be solved to protect the data in Grafana. For years, cross-site scripting (XSS) has been among the most common web application security vulnerabilities.

Read Post
canonical

Managing security vulnerabilities and compliance for U.S. Government with Ubuntu Pro

Jun 29, 2023 By Henry Coggill In Canonical
Complying with US government security standards such as FIPS, FedRAMP, and DISA-STIG is essential for federal agencies and any business that deploys systems and services for U.S. government use. However, maintaining a compliant IT ecosystem is a major undertaking, as each regulation brings a host of specialised requirements. And dealing with the never-ending stream of security vulnerabilities that require patching only adds to this task.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.