Jason Cheng on LinkedIn: #proxmoxve #pve #graylog (2024)

🚨 Elastic Security Report 🚨- Fleet Server Insertion of Sensitive Information into Log File (ESA-2023-20)https://lnkd.in/dKVafwhD- Elastic Endpoint Insertion of Sensitive Information into Log File (ESA-2023-21)https://lnkd.in/dyZYzEXA#elastic #elasticsecurity #cybersecurity #report

5

Another fully packed development cycle has been successfully completed with the publication of the Nevis Security #IdentitySuite May release. The following Medium article of Davide Cucuzzella provides a great overview about the new features:https://lnkd.in/eqZKvF82With the improved support of #openshift we support our customers to perform their #cloudtransformation even more efficient by providing additional options for #hybridcloud deployments! #security #ciam #passwordless #privatecloud #letsretirepasswords

32

1 Comment

Innovation in #Security. Supported, endorsed and soon implemented by #Oracle. Creating an #Open #Standard. Welcome to the future!Zero Trust Packet Routing will be a huge step towards interoperable data security and will change the way admins and users think about it.Oracle is collaborating with Applied Invention and other industry leaders to create an open standard for network and data security. Find out more: https://lnkd.in/eA23gqya #CloudWorld

4

Tripwire Enterprise seamlessly integrates with IBM i without the need for extensive code changes. Ron Adams details the simple setup process using PASE and how it maximizes efficiency and security:⤵️https://lnkd.in/dVAEWSDJ#IBMi #Infosecurity #Cybersecurity

8

Optimize Your Log Forwarding To SIEM with syslog-ng Store Box (SSB): Learn How to Easily Configure Splunk HEC and Microsoft Sentinel Destinations!The syslog-ng Store Box (SSB) appliance, built on syslog-ng Premium Edition (PE), offers a streamlined solution for log analysis and SIEM optimization. With intuitive GUI, SSB inherits PE's robust features, enabling seamless integration with Splunk HEC and Microsoft Sentinel. To get expert tips on configuring and testing SSB for optimal performance: https://lnkd.in/eG5jrEzf #DTAsia #OneIdentity #OI #syslog-ng #SIEMOptimization #LogAnalysis #cybersecurityOne Identity

12

💡 Essentials of Identity and Authorization - OAuth 2.0!Are you ready to unlock the secrets behind secure and seamless access control? Dive into this article, where Cloudentity demystifies the world of OAuth 2.0 and its fundamental role in modern authentication.In this article you will learn:✅What is OAuth 2.0?✅ How Does it Work?✅ How basic authorization flows look like?Whether you're an aspiring developer, a seasoned IT professional, or simply curious about the magic behind secure data sharing, this article is your gateway to unraveling the power of OAuth 2.0!Read the full article here:https://lnkd.in/dcgJPB4G#OAuth2 #IdentityAndAuthorization #Cybersecurity #AccessControl #Authentication #Authorization #TechInsights #SecureDataSharing #Cloudentity

3

The largest cyberattack of its kind recently happened. Here’s how.©Charles Krupa/APA trio of internet giants revealed on Tuesday that they had fought off an “unprecedented” distributed denial-of-service (DDoS) attack — used to disrupt the availability of systems like websites and services — that registered as the biggest on record, by far.Cloudflare, Google and Amazon Web Services (AWS) said the attack relied on a previously undisclosed vulnerability in a key piece of internet architecture.And it was massive.“For a sense of scale, this two minute attack generated more requests than the total number of article views reported by Wikipedia during the entire month of September 2023,” Google wrote in a blog post.News of the attack comes as maintainers of a foundational open-source internet tool announced severe vulnerabilities, and as four federal agencies published guidance on the security of open-source software (OSS).HTTP/2 ‘Rapid Reset’The attack, known as HTTP/2 “Rapid Reset,” abuses a weakness in the HTTP/2 protocol. HTTP stands for Hypertext Transfer Protocol and is used to load webpages. HTTP/2 was a revision of an earlier version, meant to make pages load faster, among other improvements.“The DDoS events AWS detected were a type of HTTP/2 request flood, which occurs when a high volume of illegitimate web requests overwhelms a web server’s ability to respond to legitimate client requests,”Tom Scholl, vice president and distinguished engineer at the company, andMark Ryland, AWS’s director of the office of chief information security officer, wrotein a blog post.

𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗟𝗶𝗯𝗿𝗮𝗿𝘆 𝟰.𝟱𝟰.𝟬 𝗦𝘂𝗽𝗽𝗼𝗿𝘁𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗱 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝗶𝗲𝘀Boosting Security: Microsoft Authentication Library 4.54.0 empowers developers with enhanced protection as it now supports Managed Identities. Simplify authentication processes while ensuring robust security measures for your applications.#MicrosoftAuthenticationLibrary #ManagedIdentities #SecurityEnhancements #DeveloperTools #AuthenticationSimplificationhttps://lnkd.in/gkDqcgVA

AWS Verified Access now provides improved logging functionality, making it easier to author and troubleshoot application access policies. Verified Access enables you to provide secure access to your corporate application using zero-trust principles. You can use end-user context, such as user groups and device risk score, from your existing third-party identity and device security services to define access policies. Starting today, you can log all the end-user context received from third-party services, simplifying policy authoring and troubleshooting.