Perficient

FEBRUARY 23, 2023

This is the third blog in a series that explains how organizations can prevent their Data Lake from becoming a Data Swamp, with insights and strategy from Perficient’s Senior Data Strategist and Solutions Architect, Dr. Chuck Brooks. In this blog, we discuss the fourth capability: Implementing classification-based security in the Data Lake.

Data 111

Data Google Cloud Analytics Cloud 111

Xebia

JUNE 19, 2023

Introduction Welcome to part three of the blog series about Application Security Testing. In part one of this series, we looked at Static Application Security Testing (SAST) and in part two at Dynamic Application Security Testing (DAST). First a brief explanation is given about IAST. This is done via an agent.

Applications 130

Applications Testing How To Tools 130

Tenable

APRIL 16, 2024

But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Today we’re sharing our experience adopting the supply-chain security framework SLSA, with the hopes that the lessons we learned will be helpful to you. What is SLSA?

Software Review 67

Software Review Software Systems Review Guidelines 67

Tenable

MARCH 14, 2023

9 Critical 66 Important 1 Moderate 0 Low Update March 14: This blog has been updated to reflect the correct title for CVE-2023-23397 as well as new information from Microsoft regarding the in-the-wild exploitation of this flaw. On March 14, Microsoft published a blog post regarding the discovery of this vulnerability.

Windows 98

Windows Operating System Authentication Internet 98

InnovationM

JULY 12, 2023

Applets are loaded into a web page using a <applet> tag, which specifies the location of the applet’s code and any necessary parameters. This is done for security reasons, as applets can potentially be used to execute malicious code. imports the Applet package and contains the Applet class. How do Applets work?

Windows 97

Windows Programming Applications Internet 97

Lacework

APRIL 15, 2022

On April 11th, 2022 a Github repository containing information about the vulnerability was released. Per Nginx’s blog post , disabling Nginx’s ldapDaemon configuration can prevent the exploitation of this vulnerability. According to the Nginx security advisory, the LDAP reference implementation is published as a Python daemon. (SSH

Open Source 52

Open Source Authentication Analysis Examples 52

Palo Alto Networks

DECEMBER 4, 2019

Cloud, containers and microservices are some of the disruptive technologies that have had a transformative impact on enterprise security in recent years. When I visit customers around the world, my advice to them is, “If you are still defining security along IP addresses, your security model will quickly break.”.

Policies 54

Policies Data Center Firewall Microservices 54

Tenable

NOVEMBER 8, 2022

While they are not considered new advisories as part of the November Patch Tuesday release, Microsoft updated the advisory pages for CVE-2022-41040 and CVE-2022-41082 ( ProxyNotShel l) indicating that patches are now available along with this month’s Security Updates. Microsoft's November 2022 Security Updates. Tenable Solutions.

Windows 101

Windows Azure Open Source Policies 101

Modus Create

MARCH 3, 2021

Three Modus engineers recently wrote a book about Docker and security best practices, Docker for Developers , published by Packt Publishing. The book is oriented toward software development, deployment, and security. Chapter 2: Using VirtualBox and Docker Containers for Development. Chapter 4: Composing Systems using Containers.

Software Review 98

Software Review Technical Review Development Systems Review 98

Perficient

FEBRUARY 14, 2023

In this series of blog posts, we will explore the four pillars of a successful Cloud Transformation: Program Model, Cloud Foundations, Portfolio Transformation, and Enterprise App Migration. The next blog in our series will focus on Cloud Foundations and provide further insights on how to achieve success in this area.

Programming 111

Programming Cloud Sustainability Government 111

Cloudera

JUNE 15, 2021

At Cloudera, we have long believed that automation is key to delivering secure, ready-to-use, and well-configured platforms. This blog will walk through how to deploy a Private Cloud Base cluster, with security, with a minimum of human interaction. The most powerful tool we have as developers is automation.” — Scott Hanselman.

Cloud 82

Cloud AWS Azure Linux 82

CircleCI

JUNE 27, 2019

This is the third blog post in a three-part series about building, testing, and deploying a Clojure web application. Docker - A tool designed to make it easier to create, deploy, and run applications by using containers. Docker Compose - A tool for defining and running multi-container Docker applications. Create a wait-for-it.sh

AWS 96

AWS Load Balancer Film Applications 96

Tenable

JULY 11, 2023

Microsoft also issued an advisory with guidance on the malicious use of Microsoft signed drivers as well as an advisory regarding a security feature bypass in Trend Micro EFI modules. For more information, please refer to Microsoft’s blog post. It was assigned a CVSSv3 score of 8.8 and was exploited in the wild as a zero-day.

Windows 98

Windows Software Review Systems Review Authentication 98

Cloudera

NOVEMBER 10, 2021

CDP includes new functionalities as well as superior alternatives to some previously existing functionalities in security and governance. This blog post provides CDH users with a quick overview of Ranger as a Sentry replacement for Hadoop SQL policies in CDP. Why switch to Ranger? Inherited model in Sentry Vs Explicit model in Ranger.

Policies 75

Policies Groups Data Tools 75

Daniel Bryant

APRIL 10, 2023

Please come and find us to learn more about Envoy Gateway , Emissary-ingress , Telepresence , or TAG Contributors ! TAG Contributor Strategy: What We Get Out of It (and You Could Too!) (16:30–17:05, TAG CS members share how giving back has shaped their careers, advanced their skills, and grown their own communities.

Case Study 52

Case Study Open Source Software Engineering Conference 52

Xebia

MAY 11, 2023

In a previous blog post I’ve already detailed How I replaced Xebia Leadership with Artificial Intelligence leveraging OpenAI. In this blog post I will show you how to do this with GCP on Cloud Run using a small Flask application. platform linux/amd64 -t gcp-papercompany docker tag gcp-papercompany gcr.io/yourgcpproject/gcp-papercompany

Generative AI 130

Generative AI Virtualization Artificial Inteligence Leadership 130

Cloudera

JUNE 28, 2022

In a previous blog of this series, Turning Streams Into Data Products , we talked about the increased need for reducing the latency between data generation/ingestion and producing analytical results and insights from this data. This blog will be published in two parts. This is what we call the first-mile problem.

Analytics 81

Analytics Machine Learning Artificial Inteligence Cloud 81

Tenable

JULY 12, 2023

Find out how Tenable OT Security is designed to give you in-depth asset visibility to address these new vulnerabilities without disrupting productivity. You can read more about these in this blog post from the Tenable Research team. Identifying vulnerable systems in your industrial environment can be complex.

Systems Review 52

Systems Review Network Technical Review Software Review 52

Linux Academy

JULY 18, 2019

Applying Tags to VMs in Azure Using Powershell. Securing Storage with Acces Keys and Shared Access Signatures in Microsoft Azure. Modifying a Storage Account and Setting Blog Container to Immutable. Intro to Using Azure Blob Storage. Provision a SQL Data Warehouse Instance in Azure. Creating an Action Group in Azure.

Azure 126

Azure Linux Google Cloud Storage 126

Tenable

JUNE 8, 2021

Tenable's Security Response Team is aware that others may be counting CVE-2021-33741 as part of Patch Tuesday. Discovery of the vulnerability is credited to Clément Lecigne of Google’s Threat Analysis Group (TAG). From a new advanced scan, in the plugins tab, set an advanced filter for Plugin Name contains June 2021. 5 Critical.

3D 93

3D Windows Research Trends 93

Tenable

OCTOBER 15, 2020

To maximize the impact of your security advisories, here are some key steps vendors can take to support automated workflows and timely remediation efforts. What makes a good security advisory? For each vulnerability disclosure, the security advisory should also include a detailed description of the issue and the CVSSv3 metrics.

Software Review 99

Software Review Technical Review Weak Development Team Metrics 99

Altexsoft

FEBRUARY 11, 2020

Incident response is typically performed by an incident response team composed of security professionals and other relevant staff. This team is often referred to as a Computer Security Incident Response Team (CSIRT) or a Computer Emergency Response Team (CERT). Containment and neutralization. Identification and analysis.

Tools 109

Tools Linux Analysis Open Source 109

Linux Academy

MAY 28, 2019

Stay tuned to the Linux Academy blog for further details. Additionally, we will cover how to use App Service Environments (ASE) to host a dedicated environment for securing and running App Service apps at scale. Tag images and push them to Docker Hub. Docker Deep Dive In this course we will cover Docker 18.09.4,

Linux 104

Linux AWS Azure Technical Review 104

Linux Academy

JUNE 4, 2019

So, hold my beer and keep calm while you read this blog because the ramp-up to these tools can be pretty quick. Together, these services help securely store and version control your application’s source code and automatically build, test, and deploy your application to AWS or your on-premises environment.

AWS 60

AWS Tools Development DevOps 60

Apiumhub

APRIL 17, 2023

For example, NoSQL databases like MongoDB quickly gained popularity in no small part due to their ability to hold unstructured data compared to traditional SQL databases like PostgreSQL and MySQL, yet those latter databases have evolved as well and can now contain unstructured data via the JSONB and JSON data types, respectively.

Software Review 52

Software Review Web Development Technical Review Engineering 52

CircleCI

MAY 26, 2020

Use one or more branches or tags for different levels of production-readiness, hotfixes, etc. Author: Vincent Driessen Original blog post. Here are the ways that we accomplish this: Testing, in its many forms , is expanded from unit testing and security testing, to load and stress testing.

Software Review 132

Software Review Technical Review Engineering Culture Testing 132

Linux Academy

MARCH 25, 2019

This is because ARP is a layer two protocol and is contained within a broadcast domain (a subnet). If you have a virtual environment and are using VLAN tagging in your virtual setup, this is not a problem. The post Network Awareness Using ARPwatch | Roadmap to Securing Your Infrastructure appeared first on Linux Academy Blog.

Network 96

Network Infrastructure Linux Open Source 96

Linux Academy

FEBRUARY 1, 2019

Get access to and practice in a live Azure console with these hands-on labs: Applying Tags to VMs in Azure Using PowerShell. Securing Storage with Access Keys and Shared Access Signatures in Microsoft Azure. Modify Storage Account and Set Blob Container to Immutable. Identity and security. Hybrid cloud.

Azure 80

Azure Course Training Load Balancer 80

Hypergrid

FEBRUARY 5, 2019

Resource tags may seem unimportant or trivial as you get started on AWS. But as your estate grows tags are fundamental to operational scalability and managing sprawl in your AWS account. In this blog we go over some of the key reasons why you should spend that extra time tagging your AWS resources. Tagging Basics.

AWS 53

AWS Lambda Backup Policies 53

Cloudera

APRIL 30, 2021

This blog reviews the available options for managing Python dependencies in Cloudera Data Engineering (CDE) using resources, a new API abstraction available out of the box to make managing spark jobs and their associated artifacts much easier. Job logs showing how files are uploaded to the container. Create and trigger the job.

Data Engineering 61

Data Engineering Engineering Data Software Review 61

Kentik

NOVEMBER 15, 2018

If your organization has made the move, have you ever wondered whether you’ve actually achieved the performance, reliability and efficiency gains that the cloud promises, or if your data stays secure, or if your ops costs have actually decreased? They include security context. Below is a sample flow log record which contains.

AWS 63

AWS Hardware Google Cloud Cloud 63

Linux Academy

FEBRUARY 11, 2019

We also are moving away from our old 123456 temporary passwords and are randomly generating one on demand for additional security (you do have the ability to reset your password as well). Server Deletion Notifications & Tagging. This feature has also been added, and students can now create a custom tag when creating a server.

Training 60

Training Linux Cloud Google Cloud 60

CloudGeometry

MARCH 3, 2022

In this blog series, we explore how these three dimensions figure into key technical recommendations which enable scale in pursuit of SaaS business growth. Not all SaaS platforms have the freedom to start fresh with cloud-native constructs like containers, serverless, and microservices.

Metrics 130

Metrics Architecture Cloud Strategy 130

Cloudera

SEPTEMBER 7, 2018

A tag team against insider threat. Disclaimer : This blog has been published for information purposes only and is not intended to serve as advice of any nature whatsoever. Accenture does not warrant or solicit any kind of act or omission based on this blog. The blog is the joint property of Accenture and Cloudera.

Machine Learning 49

Machine Learning Artificial Inteligence Scalability Analytics 49

Palo Alto Networks

OCTOBER 17, 2019

Give consumers data security: Consumers have the right to protection from businesses that do not uphold the value of privacy. How will this impact your public cloud security and compliance program? . You can also create policies using services like AWS Config and Azure Policy that enforce tagging rules and conventions.

Cloud 47

Cloud Lambda Compliance AWS 47

The Accidental Successful CIO

DECEMBER 16, 2020

CIOs have the responsibility to help keep the Covid-19 vaccine secure Image Credit: Jernej Furman. What this means for healthcare CIOs is that they need to start planning now for how they are going to keep their vaccines secure so that they can be distributed to the people who need them the most at the right times.

Healthcare 59

Healthcare Pharmaceuticals Government Testing 59

Cloudera

JANUARY 30, 2019

Western Union and IQVIA to name just a couple — CDSW is now also ready to help Hortonworks customers accelerate the delivery of new data products through secure, collaborative data science at scale. IT organizations can deliver all of this with a scalable, secure, governed, self-service platform which avoids costly data and tool stack silos.

Machine Learning 72

Machine Learning Artificial Inteligence Data Open Source 72