Forwarded from Vulnerability Management and more
Hello everyone! This episode is about Qualys Security Day 2021 Las Vegas, Qualys VMDR, VMDR Training and exam.
Video: https://youtu.be/jBdD0lNcJCY
Text: https://avleonov.com/2021/12/06/qsc21-vmdr-training-and-exam/
YouTube
QSC21, VMDR Training and Exam
Hello everyone! On the one hand, because of the pandemic, we have become more distant from each other. We work mostly remotely from home. Traveling to a conference in another country has become much more difficult than it used to be. Now it is not only expensive.…
Forwarded from k8s (in)security (D1g1)
Have you ever wondered how, in cloud providers' managed Kubernetes, it is decided which cloud services a given Pod has access to and which it does not? If that question has ever crossed your mind, then the article "IAM roles for Kubernetes service accounts - deep dive" is for you. Everything in the article uses AWS as the example, but other cloud providers already have something similar (Russian ones do not yet):
1) AWS: IRSA (KSA↔️IAM Role) - ServiceAccount annotation eks.amazonaws.com/role-arn
2) Google: Workload Identity (KSA↔️GSA) - ServiceAccount annotation iam.gke.io/gcp-service-account
3) Azure: AAD Pod Identity (KSA↔️AAD) - Workload label aadpodidbinding (Preview status)
As you can see from the description of how the bindings are implemented and realized, they all differ from provider to provider ...
The US Department of Health and Human Services (HHS) has launched a website for its 405(d) Aligning Health Care Industry Security Approaches Program. The site offers cybersecurity resources for the healthcare sector, including recommended products, tools, and mitigations.
https://healthitsecurity.com/news/hhs-launches-new-website-to-align-healthcare-cybersecurity
HealthITSecurity
HHS Launches New Website to Align Healthcare Cybersecurity
HHS launched a website for the 405(d) Program, which is made up of a task force focused on aligning healthcare cybersecurity approaches across the sector.
It took TC 362 8 years to release the new edition of GOST 27001, and now a new one is already on the way. Another 8 years?....
https://blog.ansi.org/anab/changes-new-iso-iec-27001-iso-iec-27002/
The ANSI Blog
Changes in the New ISO/IEC 27001 and ISO/IEC 27002 - ANAB Blog
Changes to the new ISO/IEC 27001/27002, coming in 2022 and 2023, will be vast for information security management systems.