Everyone’s talking about Platform Engineering these days. Even Gartner recently featured it in its Hype Cycle for Software Engineering 2022. But what is Platform Engineering really about? Is it the next stage in the evolution of DevOps? Is it just a fancy rebrand for DevOps or SRE?As a veteran of the PaaS (Platform as a Service) discipline about a decade ago, and a DevOps … [Read more...] about Platform Engineer: DevOps Evolution or a Fancy Rename?
Platform
Identity Protection: Benefits of a Unified Security Platform
As cyberattacks continue to grow relentlessly, enterprises have to continue improving their cyber defenses to stay one step ahead of the adversaries. One area that CISOs have recently started paying more attention is identity threat protection. This is not surprising considering 80% of modern attacks are identity-driven leveraging stolen credentials. In fact, identity threat … [Read more...] about Identity Protection: Benefits of a Unified Security Platform
Researchers Report Critical RCE Vulnerability in Google’s VirusTotal Platform
Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da … [Read more...] about Researchers Report Critical RCE Vulnerability in Google’s VirusTotal Platform
A Key Factor for Platform Teams To Be Successful
Centralize or decentralize, what cycle are we in?As an industry analyst at Gartner, we would often discuss whether people were in a centralized or decentralized cycle. In business, it’s normal to investigate options for creating innovation and moving quickly, or focus on reducing cost and optimizing teams and technologies. The current cycle we have been in has lasted roughly10 … [Read more...] about A Key Factor for Platform Teams To Be Successful
Critical LFI Vulnerability Reported in Hashnode Blogging Platform
Researchers have disclosed a previously undocumented local file inclusion (LFI) vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded … [Read more...] about Critical LFI Vulnerability Reported in Hashnode Blogging Platform
First Malware Targeting AWS Lambda Serverless Platform Discovered
A first-of-its-kind malware targeting Amazon Web Services' (AWS) Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls," Cado Labs … [Read more...] about First Malware Targeting AWS Lambda Serverless Platform Discovered
A Key Factor for Platform Team To Be Successful
Centralize or decentralize, what cycle are we in?As an industry analyst at Gartner, we would often discuss whether people were in a centralized or decentralized cycle. In business, it’s normal to investigate options for creating innovation and moving quickly, or focus on reducing cost and optimizing teams and technologies. The current cycle we have been in has lasted roughly10 … [Read more...] about A Key Factor for Platform Team To Be Successful
How the Falcon Platform Modernizes Your Security Stack
The job for CIOs, CISOs and their security and IT teams may be more complex than ever in 2022. Ongoing support for hybrid workforces, coupled with the continued shift to the cloud, has expanded the threat surface. At the same time, the infrastructure and environments supporting organizations are growing ever more vulnerable. According to the National Institute of Standards and … [Read more...] about How the Falcon Platform Modernizes Your Security Stack
CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the … [Read more...] about CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform
How the CrowdStrike Falcon Platform Automates Vulnerability Remediation
Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign within an enterprise environment. The CrowdStrike 2022 Global Threat Report highlights how adversaries continue to shift tradecraft and weaponize vulnerabilities to evade detection … [Read more...] about How the CrowdStrike Falcon Platform Automates Vulnerability Remediation