Authentication, Authorization, Blog and Vulnerability

What We Can Learn from the Log4j Vulnerability

Pure Storage

JANUARY 21, 2022

In December, a critical zero-day vulnerability was reported in the widely used Log4j framework. Log4j is so ubiquitous, in fact, that Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called this “the most serious vulnerability I have seen in my decades-long career.”. And that’s the key to the vulnerability.

Vulnerability

Vulnerability Internet Cybersecurity Authentication

How to Implement Threat Modeling in Your DevSecOps Process

Pure Storage

AUGUST 3, 2023

How to Implement Threat Modeling in Your DevSecOps Process by Pure Storage Blog This blog on threat modeling was co-authored by Dr. Ratinder Paul Singh Ahuja, CTO for Security and Networking, and Rajan Yadav , Director of Engineering, CNBU (Portworx), Pure Storage. What Is Threat Modeling?

Authentication

Authentication Vulnerability Authorization Audit

World Backup Day: Four Data Protection Best Practices to Know

Pure Storage

MARCH 29, 2024

World Backup Day: Four Data Protection Best Practices to Know by Pure Storage Blog This article originally appeared on SolutionsReview.com. It has been republished with permission from the author. The post World Backup Day: Four Data Protection Best Practices to Know appeared first on Pure Storage Blog.

Backup

Backup Cybersecurity Architecture Resilience

How to Counter AI-Driven Cybersecurity Threats to Physical Security Products

Security Industry Association

OCTOBER 5, 2023

In this blog from SIA Cybersecurity Advisory Board member Pauline Norstrom – founder and CEO of Anekanta Consulting – learn about mitigating artificial intelligence-driven cybersecurity threats to physical security products. AI can be used to automate the discovery and exploitation of zero-day vulnerabilities.

Cybersecurity

Cybersecurity Security Malware Vulnerability

How to Generate a CSR

Pure Storage

JUNE 12, 2023

How to Generate a CSR by Pure Storage Blog To provide encrypted traffic using SSL/TLS between a client and a host server, companies must create a certificate signing request (CSR) and submit it to a certificate authority (CA). An OpenSSL bug was responsible for one of the biggest vulnerabilities on the open internet, Heartbleed.

Authentication

Authentication Internet Authorization Vulnerability

What is New with CBS Terraform Provider 0.9.0

Pure Storage

JULY 12, 2023

by Pure Storage Blog This article on CBS Terraform Provider 0.9.0 originally appeard on Adam Mazouz’s blog. It has been republished here with the author’s credit and consent. In this blog post, I will cover what is new with the latest version of the Pure Cloud Block Store Terraform Provider.

Authentication

Authentication Publishing Audit Authorization

Guest Post: “I’ve Upgraded My Credentials. My Facility Is Safe Now, Right?”

Security Industry Association

SEPTEMBER 8, 2023

Most employees will take their credentials home with them when they leave their facility, and once the employees are outside the secured environment, a secure credential is protected from many of the types of attacks vulnerable credentials are prone to. 1038 combinations), such as adding devices between readers and controllers.

Vulnerability

Vulnerability Manufacturing Communications Security

Do Cyber Risks Lurk in Your Business Ecosystem?

NexusTek

OCTOBER 25, 2023

Experts recommend the following: Multifactor authentication (MFA): This requires at least two forms of identity verification for login, which effectively stymies unauthorized logins using compromised credentials. Patch management: This practice ensures that any identified vulnerabilities in software are addressed in a timely manner.

Cybersecurity

Cybersecurity Evaluation Vulnerability Risk Management

Money at Risk: Finance & Data Security in the Digital Age

NexusTek

APRIL 19, 2023

Using measures such as multi-factor authentication (MFA) supports identity verification for both customers and internal stakeholders such as employees. employees at different levels of authority or in different departments) can access what portions of the network also creates safeguards that protect against internal and external malfeasance.

Financial Services

Financial Services Security Banking Cybersecurity

You’ve Been Hit by Ransomware. Now What?

Pure Storage

JULY 12, 2021

Authorities say paying the ransom can indicate vulnerabilities, making you an easy target. Multifactor-authenticated, immutable snapshots. Having multifactor-authenticated snapshots that can’t be edited or deleted, even by a rogue admin, take this bit of leverage off the table. appeared first on Pure Storage Blog.

Backup

Backup Outage Authentication Architecture

Harnessing Static and Dynamic Code Scanning in DevSecOps

Pure Storage

FEBRUARY 12, 2024

Harnessing Static and Dynamic Code Scanning in DevSecOps by Pure Storage Blog This blog on static and dynamic code scanning in DevSecOps was co-authored by Dr. Ratinder Paul Singh Ahuja, CTO for Security and Networking, and Rajan Yadav , Director of Engineering, CNBU (Portworx), Pure Storage. What Is Code Scanning?

Vulnerability

Vulnerability Mitigation Authentication Authorization

ISC East Session Preview: Securing IIoT Using Zero Trust — The Future of IIoT Cybersecurity

Security Industry Association

OCTOBER 5, 2022

In this blog, Knehr provides expert insights on this critical topic and gives a sneak peek of what to expect during this session. These devices automate a lot of commercial processes which increase efficiency and often help to reduce costs, but they have also introduced a new set of vulnerabilities to organizations. 17, at 2:00 p.m.

Cybersecurity

Cybersecurity Security Authentication Internet

Managing Cyberthreats to Combat Ransomware Part Two: Emerging Technologies and Use Cases

Zerto

AUGUST 25, 2022

In part one of our blog, Managing Cyberthreats to Combat Ransomware: Current Technologies , we looked at technologies organizations are currently using to mitigate cyberthreats such as: intrusion detection system (IDS), anti-malware software, and multi-factor authentication, among others. Artificial Intelligence & Machine Learning.

Technology

Technology Disaster Recovery Management Authentication

Cloud Data Security Challenges, Part 3: Getting Control

Pure Storage

JULY 14, 2022

In part 2 of our three-part cloud data security blog series, we discussed the issue of complexity. Preventive controls , which companies use to manage, strengthen, and protect vulnerabilities within a cloud. The post Cloud Data Security Challenges, Part 3: Getting Control appeared first on Pure Storage Blog.

Security

Security Backup Government Application

Don’t Be Intimidated by OSDP

Security Industry Association

OCTOBER 6, 2022

In this blog, Diodato provides expert insights on this critical topic and gives a sneak peek of what to expect during this session. Perhaps the single most important feature of OSDP is the Secure Channel Session (SCS) which ensures that all business data transfers over the twisted pair are encrypted and authenticated. 16, at 3:15 p.m.

Manufacturing

Manufacturing Education Communications Security

10 Disaster Recovery Plan Mistakes to Avoid for Your Business

Erwood Group

MARCH 20, 2023

However, even with the best intentions, many organizations make common mistakes that can leave them vulnerable to downtime, data loss, and costly recovery efforts. This person should have the authority to make decisions and communicate with all parties involved.

Disaster Recovery

Disaster Recovery All-Hazards Hazard Cybersecurity

Minimizing Dependencies in a Disaster Recovery Plan

AWS Disaster Recovery

JANUARY 25, 2022

The AWS Identity and Access Management (IAM) data plane is highly available in each Region, so you can authorize the creation of new resources as long as you’ve already defined the roles. Note: If you use federated authentication through an identity provider, you should test that the IdP does not itself have a dependency on another Region.

Disaster Recovery

Disaster Recovery Failover Outage Application

Continuity Professionals Pulse

What We Can Learn from the Log4j Vulnerability

How to Implement Threat Modeling in Your DevSecOps Process

Trending Sources

World Backup Day: Four Data Protection Best Practices to Know

How to Counter AI-Driven Cybersecurity Threats to Physical Security Products

How to Generate a CSR

What is New with CBS Terraform Provider 0.9.0

Guest Post: “I’ve Upgraded My Credentials. My Facility Is Safe Now, Right?”

Do Cyber Risks Lurk in Your Business Ecosystem?

Money at Risk: Finance & Data Security in the Digital Age

You’ve Been Hit by Ransomware. Now What?

Harnessing Static and Dynamic Code Scanning in DevSecOps

ISC East Session Preview: Securing IIoT Using Zero Trust — The Future of IIoT Cybersecurity

Managing Cyberthreats to Combat Ransomware Part Two: Emerging Technologies and Use Cases

Cloud Data Security Challenges, Part 3: Getting Control

Don’t Be Intimidated by OSDP

10 Disaster Recovery Plan Mistakes to Avoid for Your Business

Minimizing Dependencies in a Disaster Recovery Plan

Stay Connected