Topic: security

Report: Majority of security pros admit to using “shadow SaaS” apps

A recent survey from Next DLP revealed that over the last year, 73% of security professionals have used used “shadow Saas,” or SaaS applications not provided or approved by their IT teams. Further, even though they are using shadow SaaS, they admitted to being aware of the risks of doing so, with the most commonly … continue reading

Q&A: What the consolidation of the SIEM market means for IT

Over the last several months, multiple security information and event management (SIEM) platforms have either merged or been acquired. LogRhythm merged with Exabeam, Palo Alto Networks acquired IBM’s QRadar portfolio, and Cisco acquired Splunk.  To talk about why this is happening and what it all means, Chas Clawson, field CTO at Sumo Logic, joined the … continue reading

Datadog releases a number of observability, security updates at DASH

Datadog is hosting its annual event, DASH, this week. At the event, the company showed off several new features across its entire platform, from observability to security.  Observability Datadog LLM Observability allows customers to monitor their LLM apps to identify drifts in prompt topics and responses, mitigate prompt injections, detect personally identifiable information (PII) leakage, … continue reading

SELKS – ITOps Times Open Source Project of the Week

SELKS is an open-source network security monitoring platform that offers network intrusion and detection capabilities.  The name comes from the original components it was built around: Suratica, Elasticsearch, Logstash, Kibana, and Scirius. It has since expanded to include EveBox, Arkime, and CyberChef as well.  It can be installed on any Linux or Windows operating system … continue reading

Kyndryl Threat Insights provides security insights for AWS environments

Kyndryl has announced a new collaboration with AWS to provide its customers better insights into threats in their AWS environments. Kyndryl Threat Insights Managed Service provides a central repository for security data from AWS using Amazon Security Lake.  By being able to access security data from a single view, companies will be able to uncover … continue reading

Puppet delivers enhanced infrastructure automation for a new operating reality

Infrastructure automation provider Puppet by Perforce has added new security, compliance, and continuous integration/continuous delivery (CI/CD) capabilities to its platform offering. Infrastructure resilience, improved agility and aligning with business goals are the critical focus for infrastructure and operations (I&O) leaders. According to a recent Gartner I&O Leaders Survey, the most important services I&O leaders need … continue reading

Report: Occurrence of specialized app attacks quickly rising

In the past year, the number of specialized attacks, which target specific applications through means such as making malicious changes to the code, has sharply risen. According to’s 2024 Application Security Threat Report, the likelihood of an iOS app having maliciously modified code grew from 6% to 20% in the last year. Similarly, for … continue reading

Trend Micro update helps organizations manage risks of AI adoption

Cybersecurity company Trend Micro this week released updates to its Trend Vision One solution designed to meet the mass adoption of new AI tools by managing the risks associated with that adoption and securing how organizations use AI. In the company announcement, co-founder and CEO Eva Chen said, “Great advancements in technology always come with … continue reading

Secure Code Warrior’s new SCW Trust Score helps companies benchmark their security posture

The security learning company Secure Code Warrior is making it easier for organizations to assess the security posture of their development teams with the SCW Trust Score. The score utilizes 20 million data points from over 250,000 developers to provide a benchmark that teams can compare themselves to. Scores are given on a scale of … continue reading

ITOps Times Open-Source Project of the Week: Copa

Copa, short for Copacetic, is an open-source project for vulnerability management. It can automatically apply the necessary patches to a container image based on the results of vulnerability scans.  This allows containers to be patched quickly without waiting on a full rebuild upstream, so that they can be redeployed as fast as possible.  The maintainers … continue reading

Lacework launches new capabilities for securing cloud environments

The security company Lacework has announced the addition of new capabilities to its platform to help IT and security teams more easily secure their cloud environments.  The first new addition is Lacework Explorer, which is designed to provide better visibility into potential threats. It provides a visualization of the relationships between cloud resources, which helps … continue reading

Cloudflare releases two new security solutions for preventing AI-based attacks

Cloudflare has announced two new security solutions designed to help protect against AI-based threats: Defensive AI, a personalized approach to securing organizations against risks caused by AI, and Firewall for AI, which scans LLM prompts for language commonly used in attacks.  Defensive AI provides tailored mitigations that enable the protection of critical applications and entire … continue reading

1 2 3 26 Protection Status

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!