Search results for: open sources

Appointments

Riya Shanmugam joins New Relic as Group VP of Global Alliances and Channels

New Relic has appointed Riya Shanmugam as Group Vice President of Global Alliances and Channels to further develop and strengthen the company’s partner strategy and channel programs. As enterprises across every industry and region continue to realize the benefits of cloud-based observability as an open, connected, and programmable practice for every engineer across every stage of the software lifecycle, partners will continue to be essential in bringing the value of New Relic One to more … More

lock

Secure cloud products and services with new CIS Benchmarks

The cloud continues to expand with new products and services constantly introduced by cloud service providers (CSPs). The Center for Internet Security (CIS) responded with more resources to help secure these capabilities in the cloud. The Beginner’s Guide to Secure Cloud Configurations describes how users can secure public cloud accounts, products, services, and more. New guidance from the CIS Benchmarks community CIS called upon its network of volunteers to expand their guidance for the public … More

innovation

Which technologies will be the most important in 2022?

IEEE released the results of a survey of global technology leaders from the U.S., U.K., China, India and Brazil. The study, which included 350 CTOs, CIOs and IT directors, covers the most important technologies in 2022, industries most impacted by technology in the year ahead, and technology trends through the next decade. The most important technologies, innovation, sustainability and the future Among total respondents, 21% say AI and machine learning, cloud computing (20%) and 5G … More

open source

Securing open-source code supply chains may help prevent the next big cyberattack

The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my software supply chain secure?” After months of analysis, we know that many (some might argue most) organizations are vulnerable to supply chain attacks. In a business world in which we all have so many third-party dependencies, no organization is an island, and no one is immune. The … More

online shopping

Small businesses urged to protect their customers from card skimming

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organization has already notified this year 4,151 small businesses that their sites have been compromised to steal customers’ payment details, and is now advising the rest to be on the alert. Online shops and card skimming: The … More

Software

Red Hat OpenShift Data Science enables companies to solve critical business challenges

Red Hat released Red Hat OpenShift Data Science as a field trial, as well as an expanded partner ecosystem focused on this new cloud service offering. As leading artificial intelligence and machine-learning (AI/ML) partners support the service, Red Hat customers are provided with a range of solutions optimized for Red Hat OpenShift, letting them select the technologies to best meet their specific machine learning needs across the open hybrid cloud and edge computing environments. Red … More

python pi

Malicious Python packages employ advanced detection evasion techniques

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times. This is not the first time that malicious packages have been successfully introduced into online package repositories and will surely not be the last. What’s worrying the researchers is that attackers are using increasingly advanced techniques to avoid detection. Detection evasion techniques The malicious packages – importantpackage, important-package, pptest, ipboards, … More

syringe

Top 5 cybersecurity considerations for file uploads of vaccination records

As vaccination mandates become more common, immunization records are increasingly required across the world. Organizations are turning to the digital space to upload images of COVID-19 record cards as electronic proof of vaccination. Having a web application for uploading proof of vaccination records is a double-edged sword. When implemented properly, web applications save a good deal of time verifying everyone’s health information. But vaccination cards submitted to an online portal can expose organizations and their … More

Software

Fugue helps cloud teams to prepare for and meet the AWS Well-Architected Framework

Fugue announced support for automatically checking Amazon Web Services (AWS) cloud environments and infrastructure as code (IaC) for adherence to the AWS Well-Architected Framework. AWS customers can significantly reduce the time and engineering resources required to prepare for the AWS Well-Architected Framework review process and generate a prioritized remediation plan to meet controls in the security and reliability pillars. With Fugue, cloud engineering and security teams can evaluate their AWS CloudFormation and Terraform templates pre-deployment … More

Acquisitions

DataCore acquires MayaData to accelerate container deployments for cloud-first enterprises

DataCore Software announced it will acquire MayaData. The move follows a joint venture between the two companies in January 2020 that included funding, technology licensing, transfer of the DataCore container team to MayaData, and seats on the board of directors for DataCore’s CEO and primary investors. MayaData and its entire San Jose, CA-based team become part of DataCore. Financial terms were not disclosed. As more container workloads enter production, Container-Attached Storage has generated significant interest … More

Handshake

Arista joins Microsoft Intelligent Security Association to help improve customer security

Arista Networks announced it has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats. Arista was nominated based on an integration between Arista’s NDR (Network Detection and Response) platform and Microsoft Azure Sentinel. This integration enables faster remediation of threats by combining network context and threat detection with log-based and endpoint insights … More

Door

Reality check: Your security hygiene is worse than you think it is

Sevco Security published a report which explores the gap between perceptions and realities of security hygiene and asset management. Leveraging findings from ESG’s “Security Hygiene and Posture Management Survey,” Sevco’s report addresses five unfounded perceptions that many security teams assume to be true and the realities that unveil alarming security risks. Unrealistic perception of good security hygiene The report reveals that the perception of good security hygiene often leads to gaps in asset inventory that … More