Security archives
90 posts
Extra Factor Authentication: how to create zero trust IAM with third-party IdPs
By Stephanie Domas, 29 April 2025
In this article, I’ll explore an original and robust method for using third-party IdPs that allows you to maintain a zero trust security posture, thanks to...
Automated patching for the Linux kernel
By Rajan Patel, 31 March 2025
To start securely and efficiently, Linux systems follow a carefully orchestrated sequence of steps to initialize firmware and manage services. Applying...
70% of IT teams spend more than 6 hours per week on security patching – new IDC research
By Canonical, 26 March 2025
Open source software is a popular tool for businesses for many reasons, but this adoption has introduced new challenges in maintaining their open source...
What is Application Security (AppSec)?
By Stephanie Domas, 24 March 2025
Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its...
How to conduct a vulnerability assessment
By Luci Stanescu, 28 February 2025
The realm of information security is fraught with jargon, as anyone who has come across vulnerability-related terms can tell you. To complicate matters...
EU Cyber Resilience Act compliance: best practices for IoT manufacturers
By Stephanie Domas, 6 February 2025
The EU Cyber Resilience Act has considerable repercussions for the IoT device manufacturers. In this blog, we explore these new regulatory requirements and...
Rsync remote code execution and related vulnerability fixes available
By eslerm, 14 January 2025
Canonical’s security team has released updates of the rsync packages for all supported Ubuntu releases. The updates remediate CVE-2024-12084, CVE-2024-12085,...
What is patching automation?
By Matthew de Klerk, 18 December 2024
In software, patches are updates that are designed to overcome problems, flaws or vulnerabilities in the programming. Patch management is the process of...
What is vulnerability management?
By Matthew de Klerk, 12 December 2024
Vulnerability management is the holistic process of identifying and handling security risks in an organization’s networks, systems and devices. Vulnerability...
Canonical announces Ubuntu Security Research Alliance Program
By Canonical, 4 December 2024
Today, Canonical, the publisher of Ubuntu, announced its new Ubuntu Security Research Alliance Program, a free partnership between Canonical and open source...
How Ubuntu keeps you secure with KEV prioritisation
By Diogo Sousa, 21 August 2024
The Known Exploited Vulnerabilities Catalog (KEV) is a database published by the US Cybersecurity and Infrastructure Security Agency (CISA) that serves as a...