Topic: security
SentinelOne announces Automated Application Control Engine to secure cloud and containerized workloads
SentinelOne has released a new automated application control engine that is designed to secure cloud and containerized workloads without human intervention. The automated engine eliminates the need to manually maintain allow-lists, which preserves cloud and container workload’s immutable states while also defending against malware, cryptojacking, and zero-day threats. “It is critical to defend cloud and … continue reading
ITOps Times news digest: Oracle Cloud VMware, Red Hat Virtualization 4.4, etcd security audit
Oracle has announced its VMware solution is now available. The Oracle Cloud VMware solution is a cloud-native VMware-based environment that enables users to move VMware workloads to Oracle Cloud Infrastructure. “Building new digital services. Scaling business-critical apps. Enabling a remote workforce. Applications sit at the core of addressing these challenges, and hybrid cloud opens the … continue reading
Tanium and Google Cloud team up to protect distributed business operations
Endpoint management and security provider Tanium and Google Cloud are expanding their partnership to support distributed business operations. According to the companies, as more employees transition to remote work and organizations become more distributed, IT and security teams are having to defend against an increasing number of cyberattacks while maintaining availability and security. “According to … continue reading
ITOps Times news digest: Threat Stack for AWS Fargate, Aqua Security now on Red Hat Marketplace, and Aerospike Database 5.1
The company is extending its observability solution to the Amazon Elastic Container Service compute engine. The new capabilities will enable users to monitor AWS Fargate aspects such as processes, network activity, and running code. “Our ‘Leveraging DevSecOps to Secure Cloud-native Applications’ report shows the top container security challenge is aligning the architectural implementation of a … continue reading
Patch management can be a challenge, but not impossible
Updating systems on a regular basis is one of the best lines of defense against cyberattacks, but many companies are still struggling to effectively do patch management. According to a study conducted by ServiceNow and the Ponemon Institute, of the nearly half of respondents who had a data breach in the past two years, 60% … continue reading
Google to protect cloud services with Private Service Connect
Google wants to make sure organizations are secure in the cloud, and is releasing Private Service Connect alpha to achieve that goal. According to the company, as organizations start to take advantage of more cloud services, it can be challenging and complex to manage routing topologies, different networks, different organizations and the information being shared … continue reading
Twitter attack highlights the need for security awareness training
Yesterday, Twitter suffered a massive attack in which several high profile Twitter accounts were compromised. The account was carried out using social engineering, Twitter has verified. Affected accounts, which included Bill Gates, Elon Musk, Barack Obama, Joe Biden, and other high profile figures, began tweeting the address of a bitcoin wallet, along with the message … continue reading
ITOps Times Open-Source Project of the Week: Tsunami
Google is open-sourcing its network security scanning engine in the hopes of helping organizations protect data. Tsunami is designed to detect high severity vulnerabilities with high confidence. “When an attacker begins to exploit security vulnerabilities or security misconfigurations, such as weak passwords, an organization needs to react quickly in order to protect potentially vulnerable assets. … continue reading
Tripwire releases Configuration Manager to help manage security across complex cloud environments
Tripwire Configuration Manager presents an integrated view of cloud assets, offers automated remediation, and monitors misconfigurations in the cloud. With these capabilities the offering centralizes the configuration monitoring of cloud assets with a single SaaS-based console and helps to alleviate pressures on security temas with an option for automated remediation, according to the company. “As … continue reading
Bitglass strengthens integration with Duo Security
Bitglass announced a deepened integration with Duo Security to balance enterprise-grade access control and data protection with a user experience designed to support a global, remote, and multi-device workforce, according to the companies in a post. Bitglass’ Next-Gen Cloud Access Security Broker (CASB) provides end-to-end security and comprehensive visibility over corporate data, limits sharing, prevents data … continue reading
Palo Alto Networks launches ML-powered firewall
Palo Alto Networks launched an ML-powered Next-Generation Firewall (NGFW) with PAN-OS 10.0, which embeds machine learning in the core of the firewall to proactively assist in intelligently stopping threats, securing IoT devices, and recommending security policies. Palo Alto Networks stated that by bringing these industry firsts into a single system, organizations can protect against up … continue reading
JumpCloud releases Directory Insights
JumpCloud announced Directory Insights, its new event logging feature that provides IT administrators with a complete picture of an end user’s access and access rights. “It’s a challenge to track all the changes that can happen to a user’s access, all of the applications they access, and furthermore when things go wrong, pinpoint the root … continue reading
