Collaborate Disseminate
Determining the security posture for an increasing quantity of cloud accounts and services used by many organizations can feel overwhelming, but Tripwire Configuration Manager can help you find, fix, and even enforce settings for common security proble… Continue reading Cloud Auto-Remediation and Enforcement with Tripwire Configuration Manager
In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best p… Continue reading 8 Cloud Security Best Practice Fundamentals for Microsoft Azure
A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is … Continue reading Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released
A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is … Continue reading Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released
Welcome to the second part of this two-part blog series for administrators who are new to the Chromebook enterprise system. In the previous blog, we discussed settings that are applicable to users and applications. In this blog, we will further explore… Continue reading Meeting the Challenges of Remote Work with Chrome OS Policy Settings – Part II
At some point in the past, I began making new year’s resolutions for doing a bit of personal privacy and security maintenance on New Year’s Day or thereabouts. I would usually have a bit of downtime to finally get around to doing the things… Continue reading Start the Year Right with a Security and Privacy Check Up
As we wind down 2019, it is a great time to think about your vulnerability management plans for the coming year. The five W’s can help guide our efforts as we resolve to improve our digital security for the coming new year. What Is Vulnerability … Continue reading Five “W’s” for Vulnerability Management
A critical vulnerability has been discovered in the popular iTerm2 application, an open source terminal emulator program designed to replace the default Apple Terminal in macOS. iTerm2 often finds its way into lists of some of the best software to inst… Continue reading Critical Security Vulnerability Disclosed in iTerm2 App
Amazon Web Services recently announced new capabilities in the AWS Systems Manager Session Manager. Users are now capable of tunneling SSH (Secure Shell) and SCP (Secure Copy) connections directly from a local client without the need for the AWS manage… Continue reading Using AWS Session Manager with Enhanced SSH and SCP Capability
Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that a similar versio… Continue reading High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts