Gamifying machine learning for stronger security and AI models

We are open sourcing the Python source code of a research toolkit we call CyberBattleSim, an experimental research project that investigates how autonomous agents operate in a simulated enterprise environment using high-level abstraction of computer networks and cybersecurity concepts.
The post Gamifying machine learning for stronger security and AI models appeared first on Microsoft Security. READ MORE HERE…

Read more

How to enforce password complexity on Linux

Deploying password-quality checking on your Debian-based Linux servers can help ensure that your users assign reasonably secure passwords to their accounts, but the settings themselves can be a bit misleading.For example, setting a minimum password length of 12 characters does not necessarily mean that all your users’ passwords will actually have 12 or more characters.Let’s stroll down Complexity Boulevard and see how the settings work and examine some that are worth considering.[Get regularly scheduled insights by signing up for Network World newsletters.]
The files that contain the settings we’re going to look at will be:To read this article in full, please click here READ MORE HERE…

Read more

Removing Open Source Visibility Challenges for Security Operations Teams

  Identifying security threats early can be difficult, especially when you’re running multiple security tools across disparate business units and cloud projects. When it comes to protecting cloud-native applications, separating legitimate risks from noise and distractions is often a real challenge.   That’s why forward-thinking organizations look at things a little differently. They want to…
The post Removing Open Source Visibility Challenges for Security Operations Teams appeared first on . Read More HERE…

Read more

Whats So Strategic About the Trend Micro and Snyk Partnership?

What does a partnership between Trend Micro and Snyk mean for you, the customer? Can you really develop and deploy applications anywhere without security slowing you down? Greg Young, VP of Cybersecurity for Trend Micro, explains how the partnership benefits Trend Micro and gives our customers an extra edge in their security platform.
The post Whats So Strategic About the Trend Micro and Snyk Partnership? appeared first on . Read More HERE…

Read more

How to hack your own Wi-Fi network

One way to bolster your understanding of Wi-Fi security is to do some hacking yourself. That doesn’t mean you should infiltrate a company’s network or snoop on a neighbor’s setup. Rather, ethical hacking and legitimate Wi-Fi penetration testing – done in cooperation with the network owner – can help you learn more about the strengths and limitations of wireless security. Understanding potential Wi-Fi vulnerabilities can help you to better protect the networks you manage and ensure safer connections when you access other wireless networks.Start with a Wi-Fi stumbler
General purpose Wi-Fi stumblers are the simplest and most innocent tools to add to your pen testing kit. Though typically passive tools, they serve an important purpose. They allow you to see what access points (AP) are nearby and their details, such as the signal level, security/encryption type, and media access control (MAC) address. It’s a tool even a hacker would utilize to find the next victim.To read this article in full, please click here READ MORE HERE…

Read more

Study shows admins are doing a terrible job of patching servers

Open source has taken over the server side of things, but admins are doing a terrible job of keeping the software patched and up to date.Black Duck Software, a developer of auditing software for open-source security, has released its annual Open Source Security and Risk Analysis, which finds enterprise open source to be full of security vulnerabilities and compliance issues.[ For more on IoT security see our corporate guide to addressing IoT security concerns. | Get regularly scheduled insights by signing up for Network World newsletters. ]
According to the study, open-source components were found in 96% of the applications the company scanned last year, with an average of 257 instances of open source code in each application.To read this article in full, please click here READ MORE HERE…

Read more

22 essential security commands for Linux

There are many aspects to security on Linux systems – from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.sudo
Running privileged commands with sudo  – instead of switching user to root  – is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ]
$ sudo adduser shark
Adding user `shark’ …
Adding new group `shark’ (1007) …
Adding new user `shark’ (1007) with group `shark’ …
Creating home directory `/home/shark’ …
Copying files from `/etc/skel’ …
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for shark
Enter the new value, or press ENTER for the default Full Name []: shark Room Number []: Work Phone []: Home Phone []: Other []:
Is the information correct? [Y/n] Y

If you run sudo and ask who you are, for example, you’ll get confirmation that you’re running the command as root.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more