Security News

The role of Kubernetes in modern app management
2023-11-06 04:00

Kubernetes, often abbreviated as K8s, is an open-source container orchestration platform that has redefined the way modern applications are developed, deployed, and managed. Born out of Google's internal container orchestration system, Kubernetes has become the de facto standard for containerized application management, offering a powerful and flexible platform for automating containerized applications' deployment, scaling, and management.

Vulnerability management metrics: How to measure success
2023-10-31 04:30

Without the right metrics, vulnerability management is pretty pointless. Intruder makes vulnerability management easy by explaining the risks and providing actionable remediation advice.

Logging Made Easy: Free log management solution from CISA
2023-10-30 10:07

CISA launched a new version of Logging Made Easy, a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA's version reimagines technology developed by the United Kingdom's National Cyber Security Centre, making it available to a broader audience on GitHub.

Make API Management Less Scary for Your Organization
2023-10-24 10:59

While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management...

CISA and NSA Issues New Identity and Access Management Guidance for Vendors
2023-10-16 21:26

In an email interview with TechRepublic, Jake Williams, faculty member at IANS Research and former NSA offensive hacker, said, "The publication highlights the challenges with comparing the features provided by vendors. CISA seems to be putting vendors on notice that they want vendors to be clear about what standards they do and don't support in their products, especially when a vendor only supports portions of a given standard." According to CISA and the NSA, the definitions and policies of the different variations of MFAs are unclear and confusing.

DIY attack surface management: Simple, cost-effective and actionable perimeter insights
2023-10-16 08:35

Modern-day attack surface management can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers. For these reasons, attack surface management tooling must be extremely scalable and fast, balancing acceptable levels of accuracy loss to lower the overall time to find assets and detect ephemeral risks.

How to avoid the 4 main pitfalls of cloud identity management
2023-09-28 04:50

One of the core benefits of the cloud is the ability to move fast and innovate rapidly, which means teams may just throw in the towel and grant admin privileges to their entire cloud identities instead of tackling the massive deluge of individual requests for access. Cloud identity management is a real challenge, but organizations are capable of preventing identity risk exposure and identity threats, especially if they avoid the four common pitfalls.

Strong compliance management is crucial for fintech-bank partnerships
2023-09-20 03:00

Bank-fintech partnerships continue to rise as financial institutions look to streamline operations, improve customer experiences, drive profitability, and manage risk and compliance efforts. The guidance promotes standardization for assessing third-party risk and describes sound risk management principles when developing and implementing third-party risk management practices.

Best IT Asset Management Software for 2023
2023-09-18 15:58

IT asset management software comparison Asset Panda: Best for allowing unlimited users. Through UpKeep's Asset Operations Management Platform, teams can monitor asset maintenance, manage assets throughout their life cycles and improve asset performance.

ORBCOMM ransomware attack causes trucking fleet management outage
2023-09-15 13:33

Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service outages preventing trucking companies from managing their fleets.Customers have told BleepingComputer that ORBCOMM has not shared what was causing the outage and only recently said that they hope to restore services by September 29th. After contacting the company, ORBCOMM confirmed they suffered a ransomware attack on September 6th that impacted the company's FleetManager solution and Blue Tree product line.