Google Cloud launches services to bolster open-source security, simplify zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it’s building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.”Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up,” wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. “This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers.”To read this article in full, please click here READ MORE HERE…

Read more

Google Cloud boosts open-source security, simplifies zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it’s building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.”Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up,” wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. “This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers.”To read this article in full, please click here READ MORE HERE…

Read more

IBM z16: A mainframe designed for AI, hybrid cloud, security and open source

Today’s announcement of IBM’s new z16 mainframes promises a system that caters to enterprise needs that include support for AI, security, hybrid cloud, and open source efforts well into the future.The new, more powerful and feature-rich Big Iron boasts an AI accelerator built onto its core Telum processor that can do 300 billion deep-learning inferences per day with one millisecond latency and includes what IBM calls a quantum-safe system to protect organizations from anticipated quantum-based security threats.
[Get regularly scheduled insights by signing up for Network World newsletters.]To read this article in full, please click here READ MORE HERE…

Read more

Gamifying machine learning for stronger security and AI models

We are open sourcing the Python source code of a research toolkit we call CyberBattleSim, an experimental research project that investigates how autonomous agents operate in a simulated enterprise environment using high-level abstraction of computer networks and cybersecurity concepts.
The post Gamifying machine learning for stronger security and AI models appeared first on Microsoft Security. READ MORE HERE…

Read more

How to enforce password complexity on Linux

Deploying password-quality checking on your Debian-based Linux servers can help ensure that your users assign reasonably secure passwords to their accounts, but the settings themselves can be a bit misleading.For example, setting a minimum password length of 12 characters does not necessarily mean that all your users’ passwords will actually have 12 or more characters.Let’s stroll down Complexity Boulevard and see how the settings work and examine some that are worth considering.[Get regularly scheduled insights by signing up for Network World newsletters.]
The files that contain the settings we’re going to look at will be:To read this article in full, please click here READ MORE HERE…

Read more

Removing Open Source Visibility Challenges for Security Operations Teams

  Identifying security threats early can be difficult, especially when you’re running multiple security tools across disparate business units and cloud projects. When it comes to protecting cloud-native applications, separating legitimate risks from noise and distractions is often a real challenge.   That’s why forward-thinking organizations look at things a little differently. They want to…
The post Removing Open Source Visibility Challenges for Security Operations Teams appeared first on . Read More HERE…

Read more

Whats So Strategic About the Trend Micro and Snyk Partnership?

What does a partnership between Trend Micro and Snyk mean for you, the customer? Can you really develop and deploy applications anywhere without security slowing you down? Greg Young, VP of Cybersecurity for Trend Micro, explains how the partnership benefits Trend Micro and gives our customers an extra edge in their security platform.
The post Whats So Strategic About the Trend Micro and Snyk Partnership? appeared first on . Read More HERE…

Read more