Security Recommendations from Cyber Safety Review Board
A new report from the Cyber Safety Review Board (CSRB) includes strategic and actionable recommendations for securing software and managing vulnerabilities, writes FOSSlife.
Specifically, the report spells out 19 recommendations to help organizations deal with threats and improve overall security, including:
- Maintain an accurate IT asset and application inventory
- Invest in capabilities to identify vulnerable systems
- Have a documented vulnerability response program as well as a documented disclosure process
- Increase investments in open source software security
Read more at FOSSlife.
08/04/2022
Related content
-
Build a secure development and production pipeline
We investigate best practices to secure CI/CD pipelines with DevSecOps. - Microsoft to Remove SMBv1 Protocol in Windows 10
-
News for Admins
In the news:Open Source AI Definition Now Available; Sysdig Report Highlights LLMjacking and Other Security Threats; Microsoft Releases OpenHCL, an Open Source Paravisor; NASA Moves Forward with Lunar Time Zone; Open Source Malware on the Rise, According to Sonatype Report; Six Principles of Operational Technology Cybersecurity Released; New Password Rules Recommended by NIST; OpenSSH 9.9 Released; Docker Updates Usage Plans.
-
Security issues when dealing with Docker images
Although developers appreciate Docker's ease of use and flexibility, many admins are worried about vulnerabilities. We look at various approaches to securing container images and the price to be paid. -
Detecting security threats with Apache Spot
Security vulnerabilities often remain unknown when the data they reveal is buried in the depths of logfiles. Apache Spot uses big data and machine learning technologies to sniff out known and unknown IT security threats.