InfoQ Homepage Threat detection Content on InfoQ
News
RSS Feed-
OpenSSF Launches Siren for Open Source Threat Intelligence
The Open Source Security Foundation (OpenSSF) has announced Siren, “a collaborative effort to aggregate and disseminate threat intelligence specific to open source projects”. The initiative comes in the wake of the XZ Utils compromise where it became clear that open source projects needed better ways to disseminate and receive relevant threat intelligence.
-
Enhanced Security for Enterprises: Google Launches Google Threat Intelligence
At the recent RSA Conference in San Francisco, Google Cloud introduced Google Threat Intelligence, a new security offering for large organizations. The new solution provides users with actionable insights, external threat monitoring, attack surface management, digital risk protection, and in-depth analysis of Indicators of Compromise (IOC).
-
Falco, Cloud-Native Security Tool for Kubernetes, Graduates from CNCF
CNCF announced the graduation of Falco, a tool designed for Linux systems and a de facto Kubernetes threat-detection engine. The project successfully met all graduation requirements, including undergoing the due diligence process, completing a third-party security audit, and obtaining the software licensing approvals.
-
Microsoft Open Sources AzDetectSuite Library for Detection Engineering in Azure
The Microsoft security team recently released AzDetectSuite, a collection of KQL queries and detection alerts against security threads on Azure and AzureAD. The open-source project provides basic detection capabilities at a low cost, targeting small environments within the Microsoft cloud platform.
-
Threat-Detection Tool Falco Now Supports Multiple Event Sources, Syscall Selection, and More
The latest release of Falco adds the ability to handle multiple simultaneous event sources within the same instance, support for selecting which syscalls to capture, a new Kernel Crawler to collect the most recent supported kernel versions, and more.