Secure by default? What is it? What does it mean for manufacturers and for customers?
Register today for the Nordic Software Security Summit!
https://nsss.se
The feature-list of secureblue is a great resource to start your research about security concepts. https://secureblue.dev/features
But do we really need a special GNU/Linux distribution that is secure? Let's go #SecureByDefault!
#secureblue #linux #silverblue #fedora #cybersecurity #privacy
Don’t miss your chance to hear Matt Wyckhouse join leading voices in the IoT security ecosystem to explore how secure-by-default principles are shaping the future of connected products.
On June 12th, Matt will be joining a panel at IMC's IoT Days Summer Conference to discuss how global manufacturers can operationalize security throughout the software supply chain.
Reserve your spot https://www.bigmarker.com/horizon-house-publications/track-3-security-by-design-default-breach-defense-as-embedded-concept?utm_bmcr_source=fst
Day 7/10: Webhooks = silent risk.
In this episode:
• What a webhook really is (and why bots love them)
• How attackers fake or flood webhook messages
• How to protect with secrets, and monitoring
Guard the door you didn’t realize was open.
Follow @nickbalancom for simple, sharp security.
#Cybersecurity #Webhooks #AIThreats #SecureByDefault #nickbalancom
💡 On Claroty Nexus, George Hulme writes about the need for a "secure-by-default" approach in #healthcare around connected medical devices and patient information systems. #SecureByDefault offers a critical shift in how healthcare providers approach cybersecurity, ensuring systems are protected from the moment they're implemented, with minimal configuration changes required. https://nexusconnect.io/articles/secure-by-default-the-necessary-prescription-for-secure-healthcare-delivery
🛠 Forged in Fire: Why Ansible Speaks the DeadSwitch Language #DeadSwitch #Ansible #CyberSecurity #DevSecOps #LinuxHardening #VaultMinimal #GhostCompliance #AutomationWithIntent #Agentless #CyberGhost #SecureByDefault #InfrastructureAsCode #OpSec #SystemHardening #EmacsOrgMode #SilentAutomation
Discover why both Secure by Design and Secure by Default are essential for robust AppSec. https://jpmellojr.blogspot.com/2025/02/secure-by-design-and-secure-by-default.html #AppSec #SecureByDesign #SecureByDefault #SoftwareSecurity #CISA #ApplicationSecurity
For those looking for OpenBSD advocacy material, I will allow myself to push my own "What every IT person needs to know about OpenBSD", as a three part series on the APNIC blog starting with part one at https://blog.apnic.net/2021/10/28/openbsd-part-1-how-it-all-started/, also available in one big chunk without tracking at my webspace https://nxdomain.no/~peter/what_every_it_person_needs_to_know_about_openbsd.html or *with* trackers and slightly nicer formatting at https://bsdly.blogspot.com/2021/09/what-every-it-person-needs-to-know.html - enjoy!
(also links therein) #openbsd #securebydefault #qualitysoftware
Now that #OpenBSD 7.6 is out, a reprise of the daily life with our favorite operating system piece "You Have Installed OpenBSD. Now For The Daily Tasks." https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html (prettified, tracked https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html) may be in order.
Enjoy the #OpenBSD #freesoftware #securebydefault experience!
"By default Deno allows importing sources from following hosts:
deno.land
esm.sh
jsr.io
cdn.jsdelivr.net
raw.githubusercontent.com
gist.githubusercontent.com"
I'm loving #deno and it's #secureByDefault but this particular setting feels weirdly permissive compared to the strictness of the rest of their permissions model.
I guess the security sandbox is more about limiting what code can do, rather than what code gets executed.
https://docs.deno.com/runtime/fundamentals/security/#importing-from-the-web
Latest Intune blog is up where we show how to add exclusions to Windows ASR Rules.
ASR Rules are excellent for helping us reduce our endpoint attack surface, but as we know there are always exceptions lol!
#blueteam #cybersecurity #securebydefault #intune #microsoftsecurity
https://strategic-cyber.co.uk/2024/09/03/microsoft-intune-19-add-asr-rule-exclusion
TBH, #JavaScript was a mistake and stuff like Report URI should not exist to begin with - like #3rdParty #Antivirus should not exist as #security of an #OS / #Distro should be the primary task of its #maintainers to the point that any #DefaultInstall is as secure as #OpenBSD's and that all offered 1st and 2nd party tools should be configured "#SecureByDefault" and only when the #Admin / #User / #Customer modifies that should it become their #responsibility...
Meanwhile I take pride in using 0 #JS and will keep it that way, because its excessive abuse made it problematic.
#sentinel Part 2 out now as we continue to cover deployment from scratch.
We look at using the free data feeds, and creating our first workbooks.
@patrickcmiller this is just great!
This week we're looking at installing #microsoft #sentinel from scratch.
Over this series we will start from the basics and free data sources, then progress onto more advanced configurations.
Next #intune blog is up. #windows and Driver Updates.
We look at #patchmanagement via Intune update rings
#cybesecurity #securebydefault #blueteam
https://strategic-cyber.co.uk/2024/05/16/microsoft-intune-16-windows-and-driver-updates/
Hey #EntraID are you feelin' good?
I guess this tenant is #SecureByDefault because I can't sign in after I configured MFA on the account.
Good stuff.
The #hacker community 10 years ago: #securebydesign #securebydefault #patchyourshit
#CISAgov #cisa today: #securebydesign #securebydefault #patchyourshit
Congratulations! You finally caught up.
This week's guide relates to blocking legacy authentication for #sharepoint online apps.
We do not want apps bypassing #MFA or #conditionalaccess so this is an important setting to review, and implement if possible.
#cybersecurity #blueteam #securebydefault
https://strategic-cyber.co.uk/2024/05/07/securing-sharepoint-1-block-legacy-authentication