Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

3 Keys to Maximizing SIEM Value

Jun 6, 2023 By Jake O'Donnell In logz.io

SIEM has been a crucial component of security systems for nearly two decades. While there’s ample information on operating SIEM solutions out there, guidance on evaluating and managing them effectively is lacking. We’ve noticed many SIEM vendors are taking advantage of this dearth of knowledge and not providing customers with needed value for what they’re buying.

Read Post

logz.io

Read more about 3 Keys to Maximizing SIEM Value

Transforming Your Business through Security Offerings

Jun 6, 2023 By N-able In N-able

Many service providers are wondering how to best position their security offerings in the current market. This exclusive, two-day program helped MSP executives and security leaders answer: What positions can I take and what are the trade-offs? How will they impact my go-to-market approach? Should I build capabilities internally, or partner externally? What are growing security providers doing differently and better?

View Video

N-able

Read more about Transforming Your Business through Security Offerings

A holistic approach to securing Spark-based data engineering

Jun 5, 2023 By Canonical In Canonical

Apache Spark is an open-source toolkit that helps users develop parallel, distributed data engineering and machine learning applications and run them at scale. In this webinar, Rob Gibbon – product manager, and Massimiliano Gori – senior information security lead, will survey the state of big data security best practices and outline both high level architectures and pragmatic steps that you can take to secure your Spark applications – wherever they may be running.

View Video

Canonical

Read more about A holistic approach to securing Spark-based data engineering

CRLF Injection, Explained: An In-Depth Guide

Jun 4, 2023 By Juan Reyes In Kosli

In this in-depth guide we’ll explore CRLF injection, a web application security vulnerability that can have severe consequences. First, we’ll cover what CRLF injection is, the types of CRLF injection attacks, and their potential impacts. Additionally, we’ll discuss similarities with other attacks, payloads used in these exploits, and how to prevent CRLF injection. Finally, we’ll touch on the role of OWASP in addressing this security risk.

Read Post

Kosli

Read more about CRLF Injection, Explained: An In-Depth Guide

Terraform Import: What It Is and How to Use It

Jun 4, 2023 By Juan Reyes In Kosli

In this post we’ll explore Terraform Import, a powerful command-line tool that allows you to bring existing infrastructure under Terraform management. We’ll cover what Terraform Import is, its common use cases, and how to use it effectively. Additionally, we’ll discuss some limitations you should be aware of when using Terraform Import.

Read Post

Kosli

Read more about Terraform Import: What It Is and How to Use It

Modernize Your SIEM Architecture

Jun 3, 2023 By Cribl In Cribl

Join Ed Bailey from Cribl and John Alves from CyberOne Security as they discuss the struggles faced by many SIEM teams in managing their systems to control costs and extract optimal value from the platform. The prevalence of bad data or an overwhelming amount of data leads to various issues with detections and drives costs higher and higher. It is extremely common to witness a year-over-year cost increase of up to 35%, which is clearly unsustainable.

View Video

Cribl

Read more about Modernize Your SIEM Architecture

Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

Jun 2, 2023 By Valentin Viennot In Canonical

In today’s rapidly changing digital environment, the significance of robust Docker container security measures cannot be overstated. Even the containerised layer is subject to compliance standards, which raise security concerns and compliance requirements. Docker container security measures entail safeguarding our lightweight, appliance-type containers –each encapsulating code and its dependencies– from threats and vulnerabilities.

Read Post

Canonical

Read more about Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

Protecting Our Partners from Cyber Attacks

Jun 2, 2023 By N-able In N-able

N-able Chief Security Officer David MacKinnon discusses how we protect our partners from cyber attacks.

View Video

N-able

Read more about Protecting Our Partners from Cyber Attacks

Securing Apache Spark Big Data Operations

Jun 2, 2023 By Canonical In Canonical

Apache Spark is an open source toolkit that helps users develop parallel, distributed data engineering and machine learning applications and run them at scale. In this webinar, Rob Gibbon – product manager, and Massimiliano Gori – senior information security lead, will survey the state of big data security best practices and outline both high level architectures and pragmatic steps that you can take to secure your Spark applications – wherever they may be running.

View Video

Canonical

Read more about Securing Apache Spark Big Data Operations

The Human Element of Preventing Supply Chain Attacks: Security Insights Podcast Ep. 12

Jun 1, 2023 By Ivanti In Ivanti

Welcome to Security Insights: where best-practice cybersecurity meets the real-world risks, workplaces, and roadblocks you face every day. Join Chris Goettl, head of Endpoint Security Product Management, and Ashley Stryker, your cybersecurity "rubber duck", as they review the security strategies and tactics that truly matter to the information security teams protecting organizations, agencies, and businesses like yours.

View Video