Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk and ServiceNow

Looking for a complete view of your application security posture to drive smarter, faster fixes in your ServiceNow workflows? ServiceNow workflows, backed by Snyk, provide a single view into all application vulnerabilities from multiple sources, determine their priority, and help expedite the remediation process with relevant stakeholders across the organization to reduce the attack surface. Learn how SecOps teams, working together with AppSec and IT teams, can track vulnerabilities in open source dependencies and create ServiceNow Application Vulnerable Items (AVITs) automatically.

Top Tools for Automating SBOMs

We’ve talked a lot about why software bills of materials (SBOMs) are important and how they communicate the value of your organization, so we won’t continue those lectures here. We’re all good on the why, so today we’ll talk about the how – the best (and free!) tools to help you create SBOMs automatically. Creating an SBOM manually is arduous and error-prone, so why not avoid it altogether?

What is SAST? Static Application Security Testing explained in 60 seconds

Discover the world of Static Application Security Testing (SAST) in this concise video. SAST is an essential security tool that examines your source code for potential vulnerabilities. Unlike dynamic tools, SAST operates solely on your code, making it a static analysis tool.

MSS: (DisableIPSourceRouting) IP source routing protection level (protect against packet spoofing)

Optimally configuring the “DisableIPSourceRouting” parameter enhances security by mitigating the risk of denial-of-service (DoS) attacks through packet spoofing. In such attacks, the goal is to inundate the target with high volumes of traffic, and using spoofed IP addresses makes it challenging to filter and identify the true source of the attack. Server hardening can be arduous. CSH by CalCom automates the process, learning your network to eliminate the need for testing.

PowerShell Security Best Practices

Windows PowerShell is a powerful scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify managing and automating administrative tasks. PowerShell was launched in 2006 and has been a standard feature of the Windows operating system (OS) since Windows 7, enabling system administrators to simplify and automate administrative tasks while following essential security best practices.

Understanding Active Directory Security Principals

Active Directory is most organizations’ primary identity storage, and is integral to an organization’s operating system. It is used to manage security principals, including user accounts, computers, servers, and other devices in the network. Since its launch 20 years ago, it has been integrated with numerous applications and systems and has become one of the main foundations of the organization’s IT infrastructure.

Why context matters in Kubernetes security

There are things in the world that are absolute, and there are things that are relative. For example, it is an absolute truth that the middle three Star Wars episodes were better than the prequel three. But security is mostly accepted to be relative, as it is a well-accepted thesis that there is no absolute security. Every system can eventually be broken. Like in the joke about the two folks who are attacked by a lion.

ARMO announces new Slack integration

We’re thrilled to introduce a fresh ARMO app designed exclusively for Slack, delivering notifications directly to the channels where your teams focus on tackling security concerns related to Misconfiguration, Vulnerabilities, and Compliance. This integration ensures that your DevSecOps teams receive timely notifications within their preferred collaboration platform, empowering them to take immediate action.