Topic: compliance
AWS introduces new common control library in Audit Manager
AWS has announced the launch of a common control library in AWS Audit Manager, its tool for mapping compliance requirements to AWS usage. The new library provides common controls that are already mapped to AWS data sources, which are based on mapping and reviews conducted by AWS auditors. It also provides the ability to view … continue reading
ITOps Times Open-Source Project of the Week: Falco
Falco is a security solution specifically designed for cloud-native environments on Linux systems. It operates by applying custom rules to kernel events, enhancing these with detailed metadata from containers and Kubernetes. This approach enables Falco to deliver real-time alerts, ensuring users can quickly detect and respond to unusual activity, security threats, and breaches of compliance. … continue reading
Qmulos Q-Compliance V4.4.0 and Q-Audit V3.7.0 are generally available
Qmulos has announced the general availability of Q-Compliance V4.4.0 and Q-Audit V3.7.0, two platforms in its suite of compliance, security, and risk management automation solutions. These releases incorporate workflow and ticketing capabilities, empowering organizations to tailor security and compliance investigations, escalations, and approvals according to their unique needs. By providing these customizable processes, Qmulos aims … continue reading
Tigera announces Calico Security Policy Recommender improvements
Tigera introduced Calico Security Policy Recommender improvements such as security policy recommendations for namespaces, FIPS compliance for use by federal agencies, and new dashboards. The ability to recommend policies at the namespace level along with policies at the pod level enables users to add microsegmentation without worrying about application-level changes. This is useful for customers … continue reading
You can’t scale security and compliance without automation
Lately, I’ve seen more breaches happening from internal errors than from big hacks or network breaches — and unless we step back and figure out how to effectively embed security and compliance and scale them automatically, this trend will continue. There are compound factors at play — infrastructure and DevOps teams are stretched thin from … continue reading
ManageEngine announces new endpoint management capabilities
ManageEngine announced the addition of data loss prevention for endpoints, anti-ransomware and endpoint compliance capabilities to its unified endpoint management (UEM) solution, Desktop Central. This follows a 500% spike in ransomware attacks since the move to remote work last year, according to a Bitdefender report. Also, ManageEngine’s 2021 Digital Readiness Survey found that 83% of … continue reading
Auth0 now available on Microsoft Azure
Auth0 announced that it launched its Auth0 Identity Platform on Microsoft Azure to unlock a secure cloud deployment option for organizations seeking strategic fit with their technology stack. Auth0’s identity platform provides organizations with tools to support security, compliance, and data residency that apply to them. Organizations requiring data residency options can take advantage of … continue reading
Lookout announces Zero Trust solution that adapts to changes in risk level
Lookout announced its new Zero Trust solution for any app that dynamically adapts based on data sensitivity and on a continuous risk assessment of endpoints and users. The solution is an expansion of Lookout Continuous Conditional Access (CCA), achieved by integrating the company’s Mobile Endpoint Security and Secure Access Service Edge (SASE) solutions. Organizations have … continue reading
The Cloud Security Alliance announces new risks, threats and vulnerabilities for migrating to the hybrid cloud
With hybrid clouds now often the starting point for organizations in their cloud journey, management, access control, data use, and service contracts become more difficult with multi-cloud convergence, according to the Cloud Security Alliance in a whitepaper. “Although the hybrid cloud environment seamlessly integrates private and public cloud, bringing onboard new IT capabilities to the … continue reading
Puppet to simplify infrastructure configuration compliance policies with Puppet Comply
Puppet has announced a new solution designed to simplify hybrid infrastructure compliance for the Global 5000. Puppet Comply will work in conjunction with Puppet Enterprise to assess, remediate, and enforce infrastructure configuration compliance policies at scale. Additionally, the solution is designed to work across traditional and cloud environments. “In today’s enterprise, CIOs are responsible for … continue reading
Three questions to ask to ensure hybrid cloud compliance
As we continue to try to exist in a world where data breaches are commonplace occurrences, organizations have to ask more questions when it comes to storing data. This is especially true when data is being stored with a third party. Companies need to comply, not only with their own internal rules, but with external … continue reading
StackRox introduces compliance features in the latest version of its Kubernetes platform
Container security company StackRox is giving customers the means to meet more compliance standards with its latest release of the StackRox Kubernetes Security Platform. Now, the solution offers ways for organizations to verify and provide evidence that they are complying with NIST SP 800-190, PCI DSS 3.2, and HIPAA standards. Organizations will be able to … continue reading
