For decades, the cybersecurity industry has been shrouded in secrecy. This is partly because of the misunderstanding that cybersecurity often relies on obscurity as its primary form of defense. As the thinking goes, if adversaries don’t know about or understand the security controls that security vendors have in place, it will be easier to defend against cyberattacks.While the … [Read more...] about The secret is out: Why Open Security is key to preventing cyber threats
Open
Continued leadership in open and transparent security
Elastic Security has long been open — with open source roots, open development, and the release of our SIEM in 2019. In 2020, we further embraced the openness of Elastic and released our open detection-rules repo to collaborate with our users and be transparent about how we protect customers. That repo is focused on our SIEM and Security Analytics use cases and did not yet … [Read more...] about Continued leadership in open and transparent security
Simplified SaaS Security for MSPs – Cisco Secure is now open in Canada
Managed services are an essential and fast-growing part of the security market, growing 14% annually. This opportunity presents new challenges MSPs must juggle day to day, including onboarding vendors and driving customer acquisition, all while making sure to provide robust IT solutions for your diverse set of clients. Clients are demanding more security and capabilities for a … [Read more...] about Simplified SaaS Security for MSPs – Cisco Secure is now open in Canada
APM Vision for Open Source and Security
Earlier this month, we shared exciting news with our first placement in the 2022 Gartner® Magic Quadrant™ for Application Performance Monitoring and Observability: we are in the Visionary Quadrant. This research is near to my heart, as I led this research for four years; so, I wanted to reflect on why this is an accurate placement for Logz.io. The Visionary Quadrant is … [Read more...] about APM Vision for Open Source and Security
Where’s Open Source Observability Headed in 2022?
For the last five years, Logz.io has tracked and measured the pulse of DevOps, as well as adoption of key trends and technology, through our DevOps Pulse survey and report. One of the obvious focus areas for us, as a company whose products are based on industry-leading open source, is the increased rise of incredibly useful open-source observability solutions, in general. This … [Read more...] about Where’s Open Source Observability Headed in 2022?
Critical Bugs in TerraMaster TOS Could Open NAS Devices to Remote Hacking
Researchers have disclosed details of critical security vulnerabilities in TerraMaster network-attached storage (TNAS) devices that could be chained to attain unauthenticated remote code execution with the highest privileges. The issues reside in TOS, an abbreviation for TerraMaster Operating System, and "can grant unauthenticated attackers access to the victim's box simply by … [Read more...] about Critical Bugs in TerraMaster TOS Could Open NAS Devices to Remote Hacking
Open Banking: Building customer trust through secure experiences
The rise of “Open Banking” has enabled banking customers to choose to share their previously inaccessible, locked down data with all sorts of third parties — from budgeting apps to mobile wallets, to peer to peer payment providers. This revolution has been a welcome boon for banks, customers, and financial services innovators alike. The ability to securely share access and … [Read more...] about Open Banking: Building customer trust through secure experiences
An Open Security Ecosystem with Shared Signals is the Future of Zero Trust
Zero Trust: as the name implies, is the strategy by which organizations trust nothing implicitly and verify everything continuously. This industry north star is driving different architectures, frameworks, and solutions to reduce an organization’s risk and improve their security posture. Beyond the need to enforce strong authentication and authorization to establish trust of … [Read more...] about An Open Security Ecosystem with Shared Signals is the Future of Zero Trust
Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects
Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The issue — tracked as CVE-2021-41077 — concerns unauthorized access and plunder of secret environment data associated with a public open-source … [Read more...] about Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects
Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers
As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution to … [Read more...] about Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers