Zeek offers an arsenal of scripts for monitoring popular network protocols and comes with its own policy scripting language for customization.
Now that web content is encrypted by HTTPS, the underlying name resolution is often unprotected. We look at the classic DNS protocol and investigate whether DNS over HTTPS could be the solution to ensure the confidentiality of DNS requests.
How to deal with threat intelligence on the corporate network when the existing security tools are not effective.
What a user is allowed to do in a program is usually defined by a role model, which often poses numerous challenges, especially in the cloud or for infrastructure as code. The free Open Policy Agent offers a flexible way to manage user rights.
The UDP-based Quick UDP Internet Connections (QUIC) protocol comes with mandatory TLS encryption and promises faster speeds.
Keycloak is a robust and mature project that provides a modern single sign-on authorization experience and centralized authentication of your apps.
Lithnet Password Protection for Active Directory provides flexible rules beyond that possible with group policies alone and prevents the use of previously compromised passwords.
Three IAM security misconfiguration scenarios are rather common: allowing the creation of a new policy version, the modification of a role trust policy, and the creation of EC2 instances with role passing. We look at ways to avoid and detect IAM security holes.
The Domain Name System is repeatedly the target of or is leveraged for attacks on corporate infrastructures; however, it also lets you protect corporate networks against attacks and malware. The Blocky DNS server sets up quickly to secure DNS queries and DNS filtering for corporate networks.
A Helm chart is a template of several parts that defines, deploys, and upgrades Kubernetes apps and can be considered the standard package manager in the Kubernetes world.
