This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL - dev-sec/ansible-collection-hardening

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments.

I recommend turning Dependabot off and replacing it with a pair of scheduled GitHub Actions, one running govulncheck, and the other running CI against the latest version of your dependencies.

January 20, 2020: Based on customer feedback, we rephrased the fourth goal in the “An example structure with nested OUs and SCPs” section to try to improve clarity. With AWS Organizations, you can centrally manage policies across multiple AWS accounts without having to use custom scripts and manual processes. For example, you can apply service […]

Critical Unauthenticated RCE Flaw, no Common CVE identifiers have been assigned yet, although experts suggest there should be at least three to six.

Today, we’re excited to announce the general availability of our new organization and enterprise-level security overview dashboards, alongside enhanced secret scanning metrics and the enablement trends reports. These features are…

SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/ - francoismichel/ssh3

Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries.

Summary

What started out as a bit of fun between colleagues while avoiding the Vegas heat and $20 bottles of water in our Black Hat hotel rooms - has now seemingly become a

A proposed standard that allows websites to define security policies.

Worldwide enumeration of accounts was possible due to a —now closed— privacy vulnerability

DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work! - splunk/DECEIVE

With end-to-end integration into the SDLC, continuous security supports CI/CD to improve productivity, speed time-to-market and reduce risks.

We started developing our vulnerability management platform (VMP) at Spotify in Q2, 2020, and now that we’ve implemented it and use the system in our day-to-day work, we wanted to take a moment to share our journey to help reduce security risks in an efficient and scalable manner.

This is a joint post with the Homebrew maintainers; read their announcement here! Last summer, we performed an audit of Homebrew. Our audit’s scope included Homebrew/brew itself (home of the brew CLI), and three adjacent repositories responsible for various security-relevant aspects of Homebrew’s operation: Homebrew/actions: a repository of custom GitHub Actions used […]

Minimum Viable Secure Product (MVSP) is a minimum security baseline for enterprise-ready products and services.

Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response.

“What is the easiest way to securely connect tens of thousands of computers, hosted at multiple cloud service providers in dozens of locations around the globe?” If you want our answer, it’s Nebula, but I recommend that you read the rest of this short post before clicking that shiny link. At Slack, we asked ourselves this…

Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly's commercial Transparency Platform available to independent

SBOM 1.0: A specification for sandwich supply chain transparency.