Operations | Monitoring | ITSM | DevOps | Cloud

Vulnerability

This VideoGame Vulnerability was a Huge Headache: Unpacking Log4j Ep.22 | Security Insights Podcast

Aug 10, 2023 By Ivanti In Ivanti
Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best. Ivanti is IT for the way we work now. Integrated solutions for everything IT touches. So, employees can work better, anywhere, and everywhere.
View Video
solarwinds

Common API Vulnerabilities and How to Secure Them

Aug 7, 2023 By Papertrail Team In SolarWinds
Application programming interfaces (APIs) have become a critical part of almost every business. APIs are responsible for transferring information between systems within a company or to external companies. For example, when you log in to a website like Google or Facebook, an API processes your login credentials to verify they are correct.
Read Post
onpage

The DevSecOps Toolchain: Vulnerability Scanning, Security as Code, DAST & More

Jul 28, 2023 By Gilad Maayan In OnPage

DevSecOps is a philosophy that integrates security practices within the DevOps process. DevSecOps involves creating a ‘security as code’ culture with ongoing, flexible collaboration between release engineers and security teams. The main aim of DevSecOps is to make everyone accountable for security in the process of delivering high-quality, secure applications. This culture promotes shorter, more controlled iterations, making it easier to spot code defects and tackle security issues.

Read Post

End-to-End Risk-Based Vulnerability & Patch Management from Ivanti

Jul 26, 2023 By Ivanti In Ivanti
Ivanti has created an end-to-end vulnerability prioritization and patching experience to automate the handoff of CVEs from security teams to IT ops. Customers can now remediate vulnerabilities more quickly and easily than ever with this risk-based vulnerability and patch management solution. Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best.
View Video

Spotting Vulnerabilities at Rest and at Runtime feat. Cloudsmith and Sysdig

Jul 18, 2023 By Cloudsmith In Cloudsmith
The rise and popularity of containers and Kubernetes have revolutionised the IT industry but also introduced a lot of complexity including a huge number of vulnerabilities coming from different container image layers. To master those vulnerabilities both DevOps and Security teams are struggling to prioritise and address them, often without sufficient clarity or accountable insights.
View Video
NinjaOne

Unpatched Microsoft 0-Day: How to Mitigate CVE-2023-36884 with PowerShell

Jul 13, 2023 By Jonathan Crowe In NinjaOne

Microsoft's July 2023 Patch Tuesday updates highlighted several vulnerabilities under active exploitation, including one (or more?) that remains unpatched. Here's what you need to know about CVE-2023-36884, a zero-day vulnerability that attackers are exploiting to gain remote code execution via "specially-crafted" Microsoft Office documents.

Read Post
grafana

Trusted Types: How we mitigate XSS threats in Grafana 10

Jul 11, 2023 By Kristian Bremberg, Tobias Skarhed In Grafana

Grafana is a rich platform for data visualization, giving you full control over how your data should be visualized. However, this flexibility and freedom comes with some challenges from a security perspective — challenges that need to be solved to protect the data in Grafana. For years, cross-site scripting (XSS) has been among the most common web application security vulnerabilities.

Read Post
canonical

Managing security vulnerabilities and compliance for U.S. Government with Ubuntu Pro

Jun 29, 2023 By Henry Coggill In Canonical
Complying with US government security standards such as FIPS, FedRAMP, and DISA-STIG is essential for federal agencies and any business that deploys systems and services for U.S. government use. However, maintaining a compliant IT ecosystem is a major undertaking, as each regulation brings a host of specialised requirements. And dealing with the never-ending stream of security vulnerabilities that require patching only adds to this task.
Read Post
InvGate

New Apple Zero-Days: Patch CVE 2023-32434 and CVE 2023-32435

Jun 28, 2023 By Brenda Gratas In InvGate
Apple released a series of patches today to address zero-day vulnerabilities CVE-2023-32434 and CVE-2023-32435. As Patch Management’s best practices indicate, the company advised updating the following products: iOS, iPadOS, macOS, watchOS, and Safari browser. Keep reading to understand the extent of the exploits and discover how to easily spot outdated devices on your network using InvGate Insight.
Read Post
ivanti

How IT Device Discovery Can Identify Your Network's Assets and Vulnerabilities

Jun 22, 2023 By Steve Feldstein In Ivanti

The security of your organization’s network is paramount to its success. With the ever-changing landscape of cyber threats, it's important to take the necessary steps to ensure that your network is secure and compliant with industry regulations. Ensuring compliance requires you to know what’s on your network. But how can that be done when only 48% of leaders and security professionals say they run their asset discovery program at least once per week?

Read Post
Subscribe to Vulnerability

Copyright © 2024 OpsMatters™. All rights reserved.