When it comes to modern software development, collaboration is the name of the game; to this end, development teams have more than ample selection of tools at their disposal these days. With a user base in the double digit millions, GitHub is the perennial favorite for sharing, collaborating, and repositing code, but the recently revamped Visual Studio Online—now known as Microsoft Visual Studio Team Services (VSTS)—may soon be stealing some of its thunder.
It's been said that to defeat cyber attackers, you must think like them. For most organizations, this seldom is the case; efforts to bolster cybersecurity measures rarely go beyond implementing stronger controls, training employees to be vigilant, and—on occasion—hiring outside firms to assist in security testing efforts. However, for firms intent on staying one step ahead of nefarious actors, penetrating their own network defenses on a regular basis is crucial to maintaining continuously effective security. To this end, Metasploit and Nmap are two popular tools that enable firms to diagnose critical security gaps before they lead to data breaches.
Cylance and Tanium—both firms are in the billion dollar valuation club, but what does this buy in terms of cybersecurity? Tanium claims 15 seconds to visibility and control, while Cylance combines AI and machine learning with endpoint protection. Let's find out if these security vendors' solutions can give organizations a fighting chance in a digital world fraught with cyber threats.
As the dominant cloud vendor by market share, AWS—in efforts to rein back control of its public cloud ecosystem—has expanded its plethora of built-in console offerings to go head-to-head with leading 3rd party-developed tools. For example, Amazon Inspector now enables native automated security assessments while AWS CodePipeline offers continuous delivery and release automation services, all from within AWS. And for keeping a keen eye on EC2 instances and application, there's Amazon CloudWatch for native monitoring of AWS cloud resources. Let's see how it stacks up against Nagios, the leading open source infrastructure monitoring platform.
When it comes to public cloud offerings, few vendors can hold a candle to AWS and Microsoft Azure's dominance in the infrastructure as a service (IaaS) space. However, neither have offered much in terms of hybrid/private cloud platforms and tools—until now. OpenStack has long filled this void with its open source cloud computing platform, but Azure Stack's arrival may finally spell an end to its dominance in the category.
In our previous piece 10 Essential Steps for Configuring a New Server we walked through some of the best practices to follow when setting up a new Linux server. But how can you tell if your server is setup correctly? More importantly, how can you ensure those initial configurations don’t drift over time? With UpGuard, you can do both at any scale, so we’ve created a policy within our cyber resilience platform to match our 10 essential steps as an example of how we can help organizations control their IT environments.
15 second visibility versus three decades of infosec experience, which will ultimately prevail? Tanium claims it can provide security teams with visibility and control over every endpoint in 15 seconds or less, regardless of network size; Intel Security is of course the venerable McAfee, rebranded/repositioned after being acquired by its current namesake in 2011. Find out how these two compare when it comes to protecting today's enterprises against cyber threats.
Linux admins have relied on the command line to manage their systems since the beginning. While not as immediately intuitive as a GUI, command line interfaces (CLIs) open up the real power of computing with a slew of versatile commands that can be chained together for nearly any purpose. GUIs, on the other hand, are limited to the nearly always reduced functionality developers built into the buttons and screens. This model makes sense, since only some people will need the “advanced” capabilities of the command line, while others perform only a few tasks over and over with a minimum of knowledge about the software. Regular command line users develop a sense of how to best use the commands over time, but with this UpGuard primer, even dabblers can take advantage of some quick tricks using these five basic Linux commands.
Effective cybersecurity these days is a complex and multifaceted affair involving a myriad of approaches: intrusion detection/prevention, vulnerability detection, malware mitigation, security configuration management (SCM), security information and event management (SIEM), patch management, file integrity monitoring (FIM), and more. For most organizations, however, the shortest path of least resistance means deploying a consolidated platform combining a multitude of these approaches. Tenable SecurityCenter Continuous View (CV) and Symantec Endpoint Protection are two such offerings.
Cyber security compliance standards exist to protect devices, data and people connected to the internet from the myriad threats facing them every day. For example, regulations like the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards ensure businesses operating in the power industry follow certain guidelines with regard to cybersecurity in order to keep the service they provide reliable. Typically, devices that fall within the scope of these regulations include computers, network devices, and other network-connected devices, such as industry-specific tools, card scanners, etc. But what happens when everything is connected to the network?