Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Terraform Import: What It Is and How to Use It

Jun 4, 2023 By Juan Reyes In Kosli

In this post we’ll explore Terraform Import, a powerful command-line tool that allows you to bring existing infrastructure under Terraform management. We’ll cover what Terraform Import is, its common use cases, and how to use it effectively. Additionally, we’ll discuss some limitations you should be aware of when using Terraform Import.

Read Post

Kosli

Read more about Terraform Import: What It Is and How to Use It

Modernize Your SIEM Architecture

Jun 3, 2023 By Cribl In Cribl

Join Ed Bailey from Cribl and John Alves from CyberOne Security as they discuss the struggles faced by many SIEM teams in managing their systems to control costs and extract optimal value from the platform. The prevalence of bad data or an overwhelming amount of data leads to various issues with detections and drives costs higher and higher. It is extremely common to witness a year-over-year cost increase of up to 35%, which is clearly unsustainable.

View Video

Cribl

Read more about Modernize Your SIEM Architecture

Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

Jun 2, 2023 By Valentin Viennot In Canonical

In today’s rapidly changing digital environment, the significance of robust Docker container security measures cannot be overstated. Even the containerised layer is subject to compliance standards, which raise security concerns and compliance requirements. Docker container security measures entail safeguarding our lightweight, appliance-type containers –each encapsulating code and its dependencies– from threats and vulnerabilities.

Read Post

Canonical

Read more about Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

Protecting Our Partners from Cyber Attacks

Jun 2, 2023 By N-able In N-able

N-able Chief Security Officer David MacKinnon discusses how we protect our partners from cyber attacks.

View Video

N-able

Read more about Protecting Our Partners from Cyber Attacks

Securing Apache Spark Big Data Operations

Jun 2, 2023 By Canonical In Canonical

Apache Spark is an open source toolkit that helps users develop parallel, distributed data engineering and machine learning applications and run them at scale. In this webinar, Rob Gibbon – product manager, and Massimiliano Gori – senior information security lead, will survey the state of big data security best practices and outline both high level architectures and pragmatic steps that you can take to secure your Spark applications – wherever they may be running.

View Video

Canonical

Read more about Securing Apache Spark Big Data Operations

The Human Element of Preventing Supply Chain Attacks: Security Insights Podcast Ep. 12

Jun 1, 2023 By Ivanti In Ivanti

Welcome to Security Insights: where best-practice cybersecurity meets the real-world risks, workplaces, and roadblocks you face every day. Join Chris Goettl, head of Endpoint Security Product Management, and Ashley Stryker, your cybersecurity "rubber duck", as they review the security strategies and tactics that truly matter to the information security teams protecting organizations, agencies, and businesses like yours.

View Video

Ivanti

Read more about The Human Element of Preventing Supply Chain Attacks: Security Insights Podcast Ep. 12

Top 3 SIEM Optimizations - How to Get More From Your Existing Tech Stack

Jun 1, 2023 By Bradley Chambers In Cribl

In today’s digital-first world, most security problems are actually data problems, and data volumes are outpacing organizations’ abilities to handle, process, and get value from it. You’ll have 250% more data in five years than you have today, but the chances of your budget increasing to match that are slim. The challenges that come with managing the rise in enterprise data volume directly affect your ability to adequately address cybersecurity risks.

Read Post

Cribl

Read more about Top 3 SIEM Optimizations - How to Get More From Your Existing Tech Stack

Zero trust security for CI/CD pipelines

Jun 1, 2023 By Jacob Schmitt In CircleCI

The zero trust security model is an approach to network security that enforces strict access controls and authentication at every stage of the software development lifecycle. It treats every user, device, and transaction as a security risk and uses the principle of least privilege to restrict access to sensitive resources and minimize the potential attack surface.

Read Post

CircleCI

Read more about Zero trust security for CI/CD pipelines

Migrating to cfbs

Jun 1, 2023 By Nick Anderson In CFEngine

Traditionally, CFEngine policy sets are managed as a whole. When upgrading the Masterfiles Policy Framework (MPF)1 users must download the new version of the policy framework and integrate it into the existing policy set, carefully diffing the vendored policy files against their currently integrated policy. Updates to policy authored by others must be sought out and similarly integrated.

Read Post

CFEngine

Read more about Migrating to cfbs

Don't Take the Bait: Tips to Avoid Falling Victim to Phishing and Baiting

May 31, 2023 By OpsMatters In OpsMatters

The old days of a hacker sitting alone in a basement typing feverishly to breach a database are over. That's just for the movies. In the real world, almost all cyberattacks are socially engineered, meaning we fall for scams. Of course, there are levels to creating a scam. It can range anywhere from getting an email from a Nigerian prince claiming you've won millions of dollars to an email from your bank asking for your personal information. With so many situations to look out for, here are some general tips so you don't take the bait.

Read Post