article

Cryptomining Overview for DevOps

Posted on April 21, 2022April 23, 2022 by Admin

What is cryptomining? Malicious cryptomining or cryptocurrency-mining is when cybercriminals exploit unpatched vulnerabilities, weak credentials, or misconfigurations to enter systems and utilize its computer power to generate cryptocurrency. DevOps and cryptomining While ransomware seems to be the hot topic, cryptomining is still a cyberattack with dire consequences. Remember Apache Log4j (Log4Shell)—to be honest, who can forget? This critical vulnerability was mostly observed in the wild in cryptomining attacks. Think of the uptick in cryptomining like…

Posted in RSS_Virtulization Tagged article, cloud native, expert perspective, multi cloud

Secure application development for the cloud best practices

Posted on April 20, 2022April 22, 2022 by Admin

Why follow best practices? Understanding and following best practices as well as building in the cloud on Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform™, Kubernetes, containers, and applications will enable you to get the most out of your toolkit. This includes more security as you are building, more proficiency with the tools and services you are using, better structure, faster environment, a reliable system that will withstand outages, and a more cost-effective solution….

Posted in RSS_Virtulization Tagged article, AWS, best practices, cloud native, conformity, container security, serverless security

Cybersecurity Basics: Authentication and Authorization

Posted on April 13, 2022April 13, 2022 by Admin

What is identity and access management? Identity and access management (IAM) ensures the right people in the right job roles can access the tools, systems, and services absolutely necessary to do their jobs. It is part of the foundation to a strong zero trust approach that answers two fundamental questions you should be asking about every solution you build: who is that and what have we allowed them to do? The “Who” Determining who you…

Posted in RSS_Virtulization Tagged article, best practices, cloud native, multi cloud

Why the Mitre Engenuity ATT&CK Evaluations Matter for CISOs

Posted on April 8, 2022April 9, 2022 by Admin

Why the Mitre Engenuity ATT&CK Evaluations Matter for CISOs This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions’ ability to detect and stop APT and Targeted Attacks. By: Trend Micro April 08, 2022 Read time: ( words) As the cyber attack surface continues to rapidly expand, enterprises need a security solution that can help organizations to better understand, communicate, and mitigate cyber risk across…

Posted in RSS_Virtulization Tagged article, Cloud, detection and response, expert perspective, risk management

How to Optimize Your Lambda Code

Posted on April 7, 2022April 7, 2022 by Admin

This code worked well in our tests and was approved in the code review process. It returns True when there are two files with the right prefixes, and it returns False when there isn’t. Simple enough. That wasn’t what happened in real life, however. It would still work in the scenario where the right files are there, but it would, only sometimes, return True when just one of the files were there. And this was…

Posted in RSS_Virtulization Tagged article, AWS, cloud native, how to, serverless security

5 Zero Trust Security Model DevOps Integrations

Posted on April 6, 2022April 7, 2022 by Admin

Five key pillars of zero trust A zero trust security approach across can be broken down into five distinct pillars: device trust, user trust, transport/session trust, application trust, and data trust. To efficiently coordinate the security of each pillar consider leveraging a cybersecurity platform that gives you visibility into your entire IT infrastructure, with the access to security automation tools, customizable APIs, and a broad set of third-party integrations. 1. Device trustThe number of devices…

Posted in RSS_Virtulization Tagged article, cloud native, how to, multi cloud

How CISOs can Mitigate Cryptomining Malware

Posted on March 29, 2022March 29, 2022 by Admin

How CISOs can Mitigate Cryptomining Malware Risk Management Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat. By: Jon Clay March 29, 2022 Read time: ( words) As cryptocurrencies continue to grow in popularity, organizations are increasingly at risk for cryptomining attacks. In fact, Apache Log4j (Log4Shell)—the holiday gift no one asked for—was observed to be mostly used for cryptomining and ransomware by cybercriminals….

Posted in RSS_Virtulization Tagged article, Cloud, expert perspective, risk management

Terraform Tutorial: Drift Detection Strategies

Posted on March 28, 2022March 28, 2022 by Admin

A common misconception among DevOps teams using infrastructure as code (IaC) tools is that the templates they use to run their deployments are infallible sources of truth. Instead, a fundamental challenge of architectures built using tools like Terraform is configuration drift. This occurs when the actual state of your infrastructure begins to accumulate changes and deviates from the configurations defined in your code. Configuration drift can occur for many reasons, regardless of how good your…

Posted in RSS_Virtulization Tagged article, AWS, Azure, cloud native, conformity, expert perspective, multi cloud

Threat Intelligence: Cyber Risk Management Strategies

Posted on March 24, 2022March 24, 2022 by Admin

4. Old vulnerabilities remain relevant While Apache Log4Shell (Log4j) was arguably the most prominent zero-day vulnerability of 2021, older flaws remained relevant and effective as well. Data from Trend Micro™ TippingPoint™ shows that the greatest number of detections (75 million) this year were of CVE-2019-1225, a memory disclosure flaw in Microsoft’s Remote Desktop Services (RDS) discovered in August 2019. Explaining cyber risk to the board As the digital attack surface expands due to the accelerated…

Posted in RSS_Virtulization Tagged article, Cloud, digital transformation, expert perspective, risk management

5 Frequent Cybersecurity Software Vulnerabilities & Indicators

Posted on March 22, 2022March 22, 2022 by Admin

Vulnerabilities in software and infrastructure are a fact of life for developers and SREs, but that doesn’t mean you must accept them. Given the exponential growth of vulnerabilities, DevOps teams must be aware of and learn how to mitigate these risks to ensure healthy systems and applications. This article will focus on five common vulnerabilities in no particular order of severity. We’ll examine some in-depth information on each vulnerability’s root cause and how it can…

Posted in RSS_Virtulization Tagged article, cloud native, how to, multi cloud, open source security by snyk, serverless security

« 1 … 11 12 13 14 15 … 17 »

article

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)