Search results for: open sources

Infosec products of the month: November 2021

Here’s a look at the most interesting products from the past month, featuring releases from 1Password, Avast, Boxcryptor, Code42, ColorTokens, Cynamics, Fortanix, Hiya, Huntsman Security, Imperva, iStorage, Jetico, Netscout, Palo Alto Networks, Siren, Saviynt, StorONE, Tenable, The Linux Foundation, ThreatQuotient, Tufin, Viavi Solutions and WatchGuard. Nessus 10 is out, with Raspberry Pi support Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to … More

security platform

ThreatConnect 6.4 allows security operations and CTI analysts to improve threat intelligence process

ThreatConnect is announcing ThreatConnect 6.4, which introduces new capabilities that allow security operations and cyber threat intelligence (CTI) analysts to get useful context faster during investigations and to better measure team efficiencies. ThreatConnect combines its Threat Intelligence Platform (TIP) and Security Orchestration and Automation platform (SOAR), creating a continuous feedback loop that helps make Intelligence-Driven Operations a reality. This latest product release builds upon the foundation of Intelligence-Driven Operations, empowering the workflow of threat intelligence … More


Starburst Galaxy helps enterprises analyze data across cloud platforms

Starburst announced a cross-cloud analytics solution with the latest iteration of its SaaS product Starburst Galaxy. First released in February 2021, this most updated version of Starburst Galaxy now allows customers to query data across cloud platforms seamlessly without sacrificing speed or access. Our research with Red Hat showed that today’s modern enterprises are demanding cross-cloud flexibility. Among survey respondents, 62% expect to have all of their data in the cloud by the end of … More


Riya Shanmugam joins New Relic as Group VP of Global Alliances and Channels

New Relic has appointed Riya Shanmugam as Group Vice President of Global Alliances and Channels to further develop and strengthen the company’s partner strategy and channel programs. As enterprises across every industry and region continue to realize the benefits of cloud-based observability as an open, connected, and programmable practice for every engineer across every stage of the software lifecycle, partners will continue to be essential in bringing the value of New Relic One to more … More


Secure cloud products and services with new CIS Benchmarks

The cloud continues to expand with new products and services constantly introduced by cloud service providers (CSPs). The Center for Internet Security (CIS) responded with more resources to help secure these capabilities in the cloud. The Beginner’s Guide to Secure Cloud Configurations describes how users can secure public cloud accounts, products, services, and more. New guidance from the CIS Benchmarks community CIS called upon its network of volunteers to expand their guidance for the public … More


Which technologies will be the most important in 2022?

IEEE released the results of a survey of global technology leaders from the U.S., U.K., China, India and Brazil. The study, which included 350 CTOs, CIOs and IT directors, covers the most important technologies in 2022, industries most impacted by technology in the year ahead, and technology trends through the next decade. The most important technologies, innovation, sustainability and the future Among total respondents, 21% say AI and machine learning, cloud computing (20%) and 5G … More

open source

Securing open-source code supply chains may help prevent the next big cyberattack

The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my software supply chain secure?” After months of analysis, we know that many (some might argue most) organizations are vulnerable to supply chain attacks. In a business world in which we all have so many third-party dependencies, no organization is an island, and no one is immune. The … More

online shopping

Small businesses urged to protect their customers from card skimming

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organization has already notified this year 4,151 small businesses that their sites have been compromised to steal customers’ payment details, and is now advising the rest to be on the alert. Online shops and card skimming: The … More


Red Hat OpenShift Data Science enables companies to solve critical business challenges

Red Hat released Red Hat OpenShift Data Science as a field trial, as well as an expanded partner ecosystem focused on this new cloud service offering. As leading artificial intelligence and machine-learning (AI/ML) partners support the service, Red Hat customers are provided with a range of solutions optimized for Red Hat OpenShift, letting them select the technologies to best meet their specific machine learning needs across the open hybrid cloud and edge computing environments. Red … More

python pi

Malicious Python packages employ advanced detection evasion techniques

JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times. This is not the first time that malicious packages have been successfully introduced into online package repositories and will surely not be the last. What’s worrying the researchers is that attackers are using increasingly advanced techniques to avoid detection. Detection evasion techniques The malicious packages – importantpackage, important-package, pptest, ipboards, … More


Top 5 cybersecurity considerations for file uploads of vaccination records

As vaccination mandates become more common, immunization records are increasingly required across the world. Organizations are turning to the digital space to upload images of COVID-19 record cards as electronic proof of vaccination. Having a web application for uploading proof of vaccination records is a double-edged sword. When implemented properly, web applications save a good deal of time verifying everyone’s health information. But vaccination cards submitted to an online portal can expose organizations and their … More


Fugue helps cloud teams to prepare for and meet the AWS Well-Architected Framework

Fugue announced support for automatically checking Amazon Web Services (AWS) cloud environments and infrastructure as code (IaC) for adherence to the AWS Well-Architected Framework. AWS customers can significantly reduce the time and engineering resources required to prepare for the AWS Well-Architected Framework review process and generate a prioritized remediation plan to meet controls in the security and reliability pillars. With Fugue, cloud engineering and security teams can evaluate their AWS CloudFormation and Terraform templates pre-deployment … More