SecOps Blog – BMC Blogs http://www.bmc.com/blogs BMC Software Tue, 22 May 2018 07:47:14 +0000 en-US hourly 1 http://blogs.bmc.com/wp-content/uploads/2016/04/bmc_favicon-300x300-150x150.png SecOps Blog – BMC Blogs http://www.bmc.com/blogs 32 32 To Patch or Not to Patch: The Latest on Fighting the Spectre and Meltdown Vulnerabilities http://www.bmc.com/blogs/to-patch-or-not-to-patch-the-latest-on-fighting-the-spectre-and-meltdown-vulnerabilities/ Thu, 12 Apr 2018 00:00:49 +0000 http://www.bmc.com/blogs/?p=12134 A few months ago, we wrote about the Spectre and Meltdown vulnerabilities discovered in Intel processors and how to address them: primarily, by deploying software patches. But recently, the plot thickened. Microsoft’s Meltdown patch actually made the original vulnerability worse, creating the new “Total Meltdown” vulnerability that puts its predecessor to shame. While the original […]]]> Cryptojackers Are Stealing Your Electrons http://www.bmc.com/blogs/cryptojackers-are-stealing-your-electrons/ Tue, 10 Apr 2018 00:00:32 +0000 http://www.bmc.com/blogs/?p=12127 Currency, in all its forms, has thieves that take what is not theirs. Cryptocurrency is no different. The fact that bitcoins are not a physical currency does not stop cybercriminals from stealing them, but these are not the same as cryptojackers. Cryptojackers are out to steal your electrons. Hijackers are bad guys that overtake something […]]]> How SecOps Improves IT Security Through A Shift-Left Approach http://www.bmc.com/blogs/how-secops-improves-it-security-through-a-shift-left-approach/ Tue, 03 Apr 2018 00:00:12 +0000 http://www.bmc.com/blogs/?p=12110 Most of the time when we talk about SecOps, we are really implying DevSecOps. If you aren’t familiar with the DevSecOps concept, I suggest reading Rick Bosworth’s article on What is DevSecOps? DevSecOps Explained. However, not all organizations have completely transitioned over to DevOps. In today’s technology environments, there is still a mix of modern […]]]> 6 Practices IT Operations Can Learn from Enterprise Security http://www.bmc.com/blogs/6-practices-it-operations-can-learn-from-enterprise-security/ Wed, 28 Feb 2018 08:38:48 +0000 http://www.bmc.com/blogs/?p=11922 Introduction At this point, most IT leaders have realized that security must be integrated into every aspect of the organization. No longer can we leave risk management to a separate group that works in isolation from the rest of the IT groups. Nor can security be an afterthought. In my experience, the best way to […]]]> What is DevSecOps? DevSecOps Explained http://www.bmc.com/blogs/what-is-devsecops-devsecops-explained/ Mon, 26 Feb 2018 09:28:24 +0000 http://www.bmc.com/blogs/?p=11915 The explosive growth of public cloud spending — $128 billion in 2017, reaching $266 billion by 20211 — coupled with the continued adoption of DevOps continues to shape how organizations deliver innovative solutions to their customers. The ability to design, build, and deploy iteratively at an ever-increasing velocity has not only transformed responsiveness but also […]]]> Prevent Cryptojacking by Securing Kubernetes http://www.bmc.com/blogs/prevent-cryptojacking-by-securing-kubernetes/ Wed, 21 Feb 2018 23:23:31 +0000 http://www.bmc.com/blogs/?p=11909 A disturbing new trend is on the rise in public cloud security breaches. Attackers are not just stealing sensitive data, but now they’re also hijacking compute power in insecurely configured Kubernetes clusters to mine for cryptocurrency. Tesla, Aviva, and other companies had their Kubernetes clusters on AWS used for cryptocurrency mining, in addition to potential […]]]> Top 20 IT Security Conferences of 2018 http://www.bmc.com/blogs/it-infosec-cyber-security-conferences/ Fri, 12 Jan 2018 13:50:56 +0000 http://www.bmc.com/blogs/?p=11011 Last updated: 4/18/2018 Whether you are a security pro, software developer, security administrator, or any other role in the IT security fields, attending a conference is an excellent way to network with other professionals and extend your knowledge base. These IT security and cybersecurity conferences provide exclusive access to some of the newest innovations and […]]]> Spectre and Meltdown Vulnerabilities: Avoid the War Room http://www.bmc.com/blogs/spectre-and-meltdown-vulnerabilities-avoid-the-war-room-pizza/ Wed, 10 Jan 2018 00:00:57 +0000 http://www.bmc.com/blogs/?p=11719 Researchers have discovered a new way that hackers can potentially exploit systems to expose passwords, keys, and other sensitive data – and this time it involves the physical hardware. (Source: NYTimes) These new vulnerabilities, called Spectre and Meltdown, were discovered in Intel processors, and more specifically the way that the processors anticipate requests and cache […]]]> Resolutions to Improve Security in 2018 (Part 1) http://www.bmc.com/blogs/resolutions-to-improve-security-in-2018-part-1/ Wed, 03 Jan 2018 00:00:56 +0000 http://www.bmc.com/blogs/?p=11648 I first read Dr. Covey’s 7 Habits of Highly Effective People over 25 years ago and, despite the technological revolutions in that period, it is as relevant today as it was when the earth cooled. As we look to the new year for opportunities to improve our IT operations and security, let’s remember to begin […]]]> What is Threat Remediation? Threat Remediation explained http://www.bmc.com/blogs/what-is-threat-remediation-threat-remediation-explained/ Wed, 20 Dec 2017 00:00:55 +0000 http://www.bmc.com/blogs/?p=11615 With the recent onset of ransomware plaguing the Internet, threat remediation has become an important piece of the cybersecurity puzzle for businesses who wish to protect their digital assets. But what exactly does threat remediation mean? What are the most effective methods for successful threat remediation? And how can organizations know if they have adopted […]]]>