January 2021

tripwire

Malicious Actors Reserving Their Cyber Attacks for the Hospitality Industry

Cyber attacks that lead to data breaches are becoming increasingly common in all industries, but there are certain types of businesses that are more vulnerable than others. The hospitality industry in particular is one of the most likely industries to be targeted by cybercriminals in addition to retail and finance.

cyphere

What is Access Control? Key data security component

Access control is unarguably one of the essential aspects of information security. It is the means or method by which your business or any entity or organisation of interest can deny access to an object to subjects or entities not permitted specific access rights. Access control provides an organisational means to limit and control access permission to and by end-users and other interested entities to grant only approved and adequate access.

ekran

12 Best Cybersecurity Practices in 2021

Is your sensitive data secure? It’s no exaggeration: any company can fall victim to cyber crime. Reports of cyber attacks come from government organizations, educational and healthcare institutions, banks, law firms, nonprofits, and many other organizations. Hackers, insider threats, ransomware, and other dangers are out there. Smart businesses are investing more in cybersecurity to eliminate risks and keep their sensitive data safe, and this has already brought the first results.

outpost 24

Multiple vulnerabilities discovered in Pyrescom Termod4 smart device

The Internet of things, cyber-physical systems, smart offices, smart homes. We are getting accustomed to these ‘smart’ concepts; lights turn off automatically when you leave home. Your car drives you, instead of the other way around and you quickly scan your access badge to check-in at work. All the little conveniences that make our lives easier, our work more enjoyable and ever so slightly improve our lives… Until they bite you in the behind.

netacea

Price scraping: How does it work and who is at risk?

Scraper bots are commonly used to acquire prices and content from websites for competitive advantage. Aggressive scraper bot activity slows down websites for customers, resulting in a bad user experience that costs the retailer revenue as frustrated customers are driven to competitors, while exposing vital pricing data.

veriato

How to Use Workplace Investigation Software

Human Resources departments are typically tasked with conducting workplace investigations into allegations of misconduct or criminal activity. Every complaint or allegation has the potential to turn into a lawsuit or criminal case, which is why it’s so important to conduct thorough investigations to find out exactly what happened. Having the right tools can make it far easier for Human Resources departments to uncover the truth.

cyphere

Penetration Testing vs Vulnerability Scanning

Vulnerability scans and penetration tests are often used interchangeably. Unfortunately, it is the improper use that creates confusion, sometimes around security decisions too. This article shall help the reader with these terms: penetration testing vs vulnerability scanning, their project inputs, outputs, security health indicators and decision making factors.

ioncube24

Weekly Cyber Security News 29/01/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. A few interesting ones to mention this week. One that I experienced personally a few years ago when I set up an Asterisk box at home. Suddenly started receiving random external SIP connections without exposing the ports to the firewall. Found out it was that ALG feature in the router, and one I couldn’t switch off.

Snyk

Snyk and Rapid7 strengthen partnership to provide a holistic risk assessment solution for container applications

Modern organizations are working hard to differentiate their products and services by creating innovative solutions that their customers can leverage at home and on-the-go, forcing them to consider new, more agile approaches to application development that empower their development teams to accelerate time-to-market, and launch new solutions as quickly as possible.

teramind

Lessons Learned from the SolarWinds Hack

Supply chain attacks are one of the trickier challenges for organizations to defend against since they undermine our trust in otherwise trusted systems that we depend on for running our software and protecting our data. If an adversary is able to successfully compromise a key component of a popular supply chain product, the impact can be widely felt by many organizations.

alienvault

Serverless computing: Is it worth the risk?

A new trend for developers is emerging, as many companies shift towards using serverless computing. The name is a bit misleading, as serverless computing still relies on servers for storing data, but those who use serverless computing leave the maintenance of the server to their provider. They pay only for the storage needed to execute the code they develop.

nightfall

The Economics of Data Loss Prevention

In 2017, The Economist announced that the world’s most valuable resource is no longer oil – it’s data. Since the phrase “big data” was coined in the 1990s, data has become increasingly important to virtually every aspect of running a business – not to mention how we conduct our daily lives. It’s no surprise that some of the most valuable companies are also those that capture the most user data. Take Facebook, for instance.

netskope

More Security Tools Doesn't Always Mean More Security. It Might Even Mean Less.

Even before the pandemic, many companies were undergoing significant transformation as they transitioned to cloud or hybrid architectures and grappled with problems caused by tool sprawl due to the quick adoption of many disparate tools. For some, COVID-19 and the rush to remote work fueled and exacerbated these challenges.

forgerock

What Is Entitlement Creep?

The risk of identity breaches to global organizations cannot be overstated. Cybercriminals continue to attack organizations across the enterprise and numerous verticals. As noted in the 2020 ForgeRock Consumer Identity Breach Report, unauthorized access (40%) is the number one attack method by cybercriminals in 2020. It’s no wonder there has been a 78% increase in compromised consumer records over the previous year.

synopsys

Securing your code: GDPR best practices for application security

GDPR best practices often focus on how to process and manage personal data, but companies should also consider application security to ensure compliance. The standard cliché used to be that you are what you eat. Which remains true, of course. But it’s also incomplete—so last century. Today, you are what you do online, which is almost everything.

Create and Run an Unauthenticated Dynamic Analysis

In this video, you will learn how to create, configure, and schedule an unauthenticated Dynamic Analysis. An unauthenticated Dynamic Analysis scan is appropriate when the site you are scanning does not require a login. Veracode Dynamic Analysis also supports the scanning of websites that require authentication, such as login via a webform, browser based, or NTLM.

WhiteSource

Open Source Licenses in 2021: Trends and Predictions

As this year comes to a close, it is a good time to take a look at the trends of open source license usage in 2020 and compare them to previous years. Our research team has collected information from the WhiteSource database, which includes more than 4 million open source packages and 130 million open source files covering over 200 programming languages, to learn which were the most popular open source licenses in 2020.

wandera

A Quick Admin Guide to Android Security in 2021

Android security should be hot on IT’s radar this year. In our recent Cloud Security Report for 2021 we reviewed some of the major security events and trends over the past year and identified some pertinent to Android. We found that: According to Panasonic Business research, Android is typically the preferred OS for businesses with 72% of handheld devices using the Google OS. However, despite broad adoption, there are still security and device management concerns for businesses.

appknox

iOS App Security: 6 Ways How Apple Protects the User's Data

Apple loves bragging about how secure their devices are. Not without reason: there are lots of security features you probably use daily, including code autofill, password reuse auditing, Safari built-in privacy, and many more. Same for developers. For example, Apple doesn't release their source code to app developers for security reasons. And the owners of iOS devices can't modify the code on their phones themselves.

sqreen

Experimenting with remote debugging: Node.js runtime code injection

Remote debugging is fun to play around with. This article describes a method to dynamically change the behavior of a running Node.js process by enabling the remote inspector interface and then using the Chrome debug protocol. On Linux and MacOS, it is possible to send a SIGUSR1 signal to a running Node.js process. The process will open a websocket server listening on local interfaces only.

Snyk

Identify, prioritize, and fix vulnerabilities with Reachable Vulnerabilities for GitHub

Imagine you are a Java programmer and that you just decided you want to use Snyk Open Source scanning to help you find security problems in your third party libraries. Good call! However, after connecting your repository to the Snyk Open Source scanner, you find out that you have ten or maybe even 50 vulnerabilities in the packages you depend on. The major question is: where do I start?

splunk

Detecting the Sudo Baron Samedit Vulnerability and Attack

On January 26th, 2021, Qualys reported that many versions of SUDO (1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1) are vulnerable (CVE-2021-3156) to a buffer overflow attack dubbed Baron Samedit that can result in privilege escalations. Qualys was able to use this vulnerability to gain root on at least Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2), some of the most modern and widely used Linux operating systems.

sysdig

How to detect sudo's CVE-2021-3156 using Falco

A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility built in almost all Unix-like based OSes. This includes Linux distributions, like Ubuntu 20 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). This popular tool allows users to run commands with other user privileges.

Find threats faster: log more and spend less

The digital landscape continues to grow increasingly complex. The technologies and trends enterprises embrace as they accelerate their digital transformation - remote work, cloud computing, microservices, Internet of Things - all increase the complexity of the IT environment and, in turn, increase security risk and operational costs.

alienvault

TeamTNT delivers malware with new detection evasion tool

AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence and provide detection and analysis options for defenders.

siemplify

Introducing Best-of-Breed SOAR and TIP, Fused to Work Together

Batman and Robin. Peanut butter and jelly. Bernie and his mittens. Some things just go better together. Security orchestration, automation and response (SOAR) and threat intelligence platforms (TIPs) are two backbone technologies of every modern security operations team. In fact, Gartner views TIP as one of the components that make up a complete SOAR platform.

netwrix

Top GDPR Solutions for Security and Consent Management

The General Data Protection Regulation (GDPR) is a set of provisions and requirements governing data protection and privacy for individuals across the European Union. It applies to any business or public body — inside or outside the EU — that handles the personal data of EU residents. Essentially, GDPR requirements govern the way companies process and store personally identifiable information (PII).

redscan

Redscan Ethical Hacking Roundtable: key insights for 2021

Redscan’s 2021 Ethical Hacking Roundtable event explored critical vulnerabilities and other key issues facing security teams. The roundtable panel featured George Glass, Head of Threat Intelligence at Redscan, Tom Tervoort, who discovered and disclosed Zerologon, Dr Elizabeth Bruton, Curator of Technology and Engineering at the Science Museum and Dinis Cruz, CTO and CISO of Glasswall and OWASP Project Lead. Key insights from the panel included:

Sequoia Capital Global Equities shares how Netskope Proved It

Patrick Fu, managing partner at Sequoia Capital Global Equities, discusses how Netskope proved it has become the unrivaled leader driving innovation across cloud, data, and network security and why after extensive analysis of dozens of security vendors, Sequoia decided to invest in Netskope.

bearer

Understanding CCPA Compliance

The General Data Protection Regulation (GDPR) set a huge precedent in modern digital privacy regulation. We've seen regions throughout the world adopt similar data protection laws in the time since its inception, and the financial liabilities are only part of the story. Customers and users of software products are now savvier than ever when it comes to understanding the importance of data privacy rights.

bulletproof

Meet the people behind your compliance

At Bulletproof, we have a fantastic team who power our compliance services, which include GDPR, ISO 27001, Cyber Essentials, training, and act as our all-knowing outsourced Data Protection Officers. Both cyber security and data protection are crucial corporate responsibilities that we believe should be at the heart of any company’s day-to-day operations.

cyphere

When and How to report GDPR personal data breaches (Article 33)

The Data Protection Act was brought in in 2018, and it controls and monitors the way that UK businesses and organizations use your personal data and information, such as credit, payment card, financial information, social security numbers, and any sensitive data. Under the act, it is up to everyone to ensure that they use data wisely and adhere to the data protection principles that are laid down in the act, which are.

detectify

Security Defender Insights: "bad actors are using intelligence and automatic tools, we need to surpass those abilities"

In this new series, Security Defender Insights, Detectify is recognizing Security Defenders in our network to bring you actionable insights and inspiration for your security strategies in 2021. We want to encourage open discussions about web security and show appreciation for hard-working security practitioners. So let’s get started with this interview with Roberto Arias Alegria, Information Security Architect at Quandoo.

anlyz

SIEM & AI - A Match Made in Heaven?

Are Information security event management (SIEM) and artificial intelligence (AI) a marriage made in heaven or just more sales hysteria in the industry? The reality, of course, is that security and system/application event correlation systems have been around for quite a long time. The term SIEM was first promoted by analyst firm Gartner in 2005. The lingering question is, are the analytics available in SIEM products identical to AI, or is AI only rebranded for sales purposes with analytics?

logsentinel

Why Mid-Market Companies and SMEs Benefit From SIEM

Security information and event management (SIEM) has been “reserved” for large enterprises for a long time and therefore vendors largely ignored smaller customers. “Smaller customers” are medium enterprises and mid-market companies, according to various definitions and brackets, and they range from a hundred to more than a thousand employees. But the problems that SIEM solves are problems that these SME/mid-market organizations have as well.

[Webinar] Addressing the Growing Cybersecurity Challenges Facing the Healthcare Industry

Protecting and securing critical electronic health data is more important than ever, as the FBI and other federal agencies have been sounding the alarm on 'imminent' cyber threats targeting healthcare systems. Compounding this, NNT recently discovered sensitive medical data related to 13 million medical exams on hundreds of computers connected to the internet belonging to over 3.5 million patients.

idcentral

Digital transformation- Remodeling banking industry

It is an accepted fact that one needs to constantly keep upgrading oneself to stay relevant in the industry and progress. Banks are at a tipping point of adopting the changes happening in the industry. Digital channels have become “table stakes”; financial institutions must find different ways to differentiate themselves. Upending conventions, COVID 19 catalyzed the adoption of digital initiatives by companies and has also radically changed consumer behavior.

devo

I Am Devo

In their debut LP, Q: Are We Not Men? A: We Are Devo!, the band introduces their defining theme that mankind’s evolution has reached the point—devolved to the point, actually—that we are converging on sameness… emotionless and robotic. This notion informed everything from the way Devo dressed (awesome!), to the music they wrote, to the way they performed. What does the band Devo’s theme of devolution have to do with me joining a software company of the same name?

Snyk

Guide to Software Composition Analysis (SCA)

2020 was a watershed year for open source. Digital transformation, already gaining momentum before COVID19 hit, suddenly accelerated. More and more companies became software companies, and with this shift—usage of open source peaked. Why? Simply put, open source enables development teams to deliver value more rapidly and more frequently, thus enabling their companies to better compete in their respective markets.

egnyte

Where is Your Center of the Universe for Business Content?

Five hundred years ago, astronomers believed the Earth was at the center of the universe. They calculated the orbits of the planets, the sun, and other stars based on this truth. Turns out, these calculations were not very accurate and astronomers had to repeatedly and incorrectly model their equations to conform with this truth. That was until Nicolaus Copernicus challenged the premise of the Earth at the center of the universe and posited the Sun to be at the center of the solar system.

Octiga

Cloud Security vs. Network Security: Which is Best for your SME?

Being in the cybersecurity line of business and being aware of the issues faced by multiple small to mid-sized businesses, we often come across various jargon which may be unclear to some. One of the most common questions for SMEs is should they focus on cloud security or network security. It is hard for SMEs to prioritise their security budget and find affordability with security. To make an informed decision, it’s important to understand the options.

alienvault

JavaScript cybersecurity threats

JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over them, and applets that could give you your local weather forecast or tell you which web browser you’re using.

tripwire

What Does Data Privacy Mean to Consumers and Corporations?

January 28 is Data Privacy Day (DPD)! I know, you’re so excited that you’ve got a party planned to get your executives, Marketing and Sales personnel to spend all day reviewing and revising your Privacy Policy (especially now that Privacy Shield is invalid). The general focus of DPD is to inform consumers about the need to maintain the privacy of their data and to assist them in this quest.

siemplify

Sitdown with a SOC Star: 13 Questions With Adva Harosh of First Quality

Our next edition of “Sitdown with a SOC Star” catches up with Adva Harosh, SOC manager at First Quality, a Long Island, N.Y.-based manufacturer of consumer hygiene products. Adva discusses her love for spreadsheets, why no podcast or book can match the value of a strong peer group, hijinx at the expense of her mom, and the story of a routine-looking threat that she just had to pursue further. Enjoy the Q&A!

Introducing Siemplify ThreatFuse

ThreatFuse is an add-on module to the Siemplify SOAR platform, powered by Anomali, which ingrains threat intelligence across the entire detection and response lifecycle. From enrichment with real-time threat indicators, through threat hunting and intelligence sharing, security analysts can validate, investigate and respond to threats with unprecedented speed and precision.

netskope

Who Knows When, Or If, We'll Go Back to the Office? We Must Make Good Security Moves Regardless.

The management consulting firm Korn Ferry recently surveyed professionals about what they were most looking forward to when they return to the office, and more than 20 percent of them said “nothing.” (No kidding.) Some 64 percent of respondents are cited as saying that they’re more productive at home. (Not surprised.)

ekran

Insider Threat Risk Assessment: Definition, Benefits, and Best Practices

Insider threats are expensive. The average cost of an insider threat rose to $11.45 million according to the 2020 Cost Of Insider Threats Global Report [PDF] by the Ponemon Institute. Companies have to spend a fortune on lawsuits, fines for non-compliance with security requirements, and to mitigate the consequences of cybersecurity incidents. Not to mention the negative impact such incidents have on an organization’s reputation.

detectify

Detectify's ISO 27001 certification use case and guide for SaaS companies

A SaaS start-up can only go so far before it’s time to consider certifications and compliance standards for advancement. But let’s make it clear that at Detectify, we don’t see compliance as security. If you’re stuck in between the two right now, here’s our use case for getting ISO 27001 certification and how we made it work for Detectify, a SaaS-based web application security scale-up that has its fair share of passionate security defenders aboard!

veracode

Which AppSec Testing Type Should You Deploy First?

The gold standard for creating an application security (AppSec) program is – and always will be – to follow best practices. By following preestablished and proven methods, you can ensure that you are maximizing the benefits of your AppSec program. Unfortunately, time, budget, culture, expertise, and executive buy-in often restrict organizations from following best practices. But that doesn’t mean that you can’t create an impactful AppSec program.

lookout

Ensure Everyday is Data Privacy Day

It’s no secret that the world has become more dependent on mobile technology. We can now pay our bills, shop for groceries and share photos with family with the tap of a finger. But this also means that our personal data is now more exposed than ever. On the bright side, we are collectively becoming more conscious about data privacy. In 2020, TikTok kick started an unexpected global discussion about what data apps collect and how they are used.

sqreen

Sqreen's architecture through the ages: part two

Welcome back to part two of our series on Sqreen’s architecture through the ages. Part one covered Sqreen’s history pre-customers up to the point where we first started supporting our early paying customers. Today, we’re going to take a look at how we scaled up our architecture from the early days to supporting hundreds of customers, as well as the feature richness we added along the way.

Security Challenges and Opportunities of Remote Work | Kill the VPN |

The COVID-19 pandemic forced many organizations to shift to a remote workforce almost overnight, most of which were not prepared for the sudden change. In their efforts to ensure their employees could remain productive, a number of organizations relaxed their security policies and unwittingly exposed their networks to compromise. As the pandemic continues, security challenges remain, but organizations also now have opportunities to find and fix vulnerabilities and improve their overall security posture, even as their employees eventually migrate back to the office.

Snyk

Goodbye, 2020! Lookout, 2021

Like most people, I am not at all sad to see 2020 go. It introduced unique pressures that challenged all of us in different ways. As snykers, I believe we have emerged stronger. Throughout the year, our global team—alongside our partners and customers—reached so many impressive milestones, made that much sweeter due to the headwinds we all faced in achieving them. Ending the fiscal year, Snyk: Yes—two acquisitions.

cloudpassage

Inside the Unified Cloud Security Enterprise Buyer's Guide

Rapid cloud transformation, accelerated by the shift to work-from-anywhere environments throughout 2020, has accelerated the pace of change in nearly every industry. Security teams have been asked to do more with less, securing more cloud assets and workloads than ever before, while adapting to entirely new infrastructures and threat landscapes.

elastic

How to export and import Timelines and templates from Elastic Security

When performing critical security investigations and threat hunts using Elastic Security, the Timeline feature is always by your side as a workspace for investigations and threat hunting. Drilling down into an event is as simple as dragging and dropping to create the query you need to investigate an alert or event.

Forward Fix: Use Case for Network Query Engine Library

Technical Solutions Architect, Kevin Kuhls demonstrates a use case for Forward Enterprise's Network Query Engine (NQE) Library. Watch as he finds all BGP neighborships that are not in the established state without tediously logging into each router or writing complex scripting. Across all vendors and locations, Forward Enterprise models all the devices and NQE allows you to grab the data you want.

manageengine

Why ManageEngine PAM360 is the ultimate privileged access management solution

At ManageEngine, we’re building one of the most comprehensive and tightly integrated IT management software suites on the market. We have over 90 products and free tools to manage all your IT needs, including Active Directory management, help desk management, desktop and mobile device management, network and server management, application management, IT security, and analytics.

alienvault

How reliable is real-time security?

Today’s world is a fast-paced one, and that reality means changing the approach to security. Traditional ways of securing networks or premises often involved responding to threats after they happened or preparing for the most likely attacks based on experience. Now, an option called real-time security — or real-time adaptive security — allows people to use a different method.

tripwire

A Look at the Legal Consequence of a Cyber Attack

Is your system 100% ready to face the severest cyber-attack and mitigate the risk of a possible data breach? If you are unsure about your cyber-safety structure, then it’s time to upgrade it. Otherwise, you could be at risk of lengthy legal battles that result in hefty fines. Beyond that, the cost in terms of reputational loss could be catastrophic if not handled meticulously by professionals within a reasonable time.

cygilant

University Credit Union Talks Pandemic Handling, Cybersecurity Challenges & Benefits of Cygilant

We recently spoke to our customer Eric Hoskins, Senior Vice President / Chief Information Officer at University Credit Union, to discuss everything from his role, working in the pandemic, his biggest cybersecurity challenges and how Cygilant helped address them. University Credit Union was established in 1947 as the University of Miami Credit Union to serve the University of Miami faculty, staff and alumni.

synopsys

How to manage open source risks using Black Duck SCA

Open source risk goes beyond application security. Legal, operational, and supply chain implications demand a capable solution like Black Duck SCA. Open source can be found in everything; nearly all applications in all industries are composed to some degree of open source. The introduction of more cloud-native applications, more open source usage as a whole, and the creation of more-complex applications mean organizations are facing increasing levels of risk.

detectify

Detectify security updates for January 25

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentiality agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

teleport

Microservices, Containers and Kubernetes in 10 minutes

What is a microservice? Should you be using microservices? How are microservices related to containers and Kubernetes? If these things keep coming up in your day-to-day and you need an overview in 10 minutes, this blog post is for you. Fundamentally, a microservice is just a computer program which runs on a server or a virtual computing instance and responds to network requests.

idcentral

Digital Identity Trends: 3 Forces shaping 2021

We live in a world where our heads are filled with security logins and pockets filled with Identity cards, but since a few years there is another rising star in the world of identity-DIGITAL IDENTITY. What is a digital ID? A digital identity is a set of verified digital attributes and credentials of a person, just like a person’s ID card for the physical world.

styra

Integrating identity: OAuth2 and OpenID Connect in Open Policy Agent

In order to make policy decisions we commonly need to know the identity of the caller. Traditionally this has often been done by providing a user or client identifier along with the request, and using that identifier to look up further information like user details or permissions from a remote data source. While this model works fairly well for many applications, it scales poorly in distributed systems such as microservice environments.

Snyk

Docker for Node.js developers: 5 things you need to know not to fail your security

Docker is totalling up to over 50 billion downloads of container images. With millions of applications available on Docker Hub, container-based applications are popular and make an easy way to consume and publish applications. That being said, the naive way of building your own Docker Node.js web applications may come with many security risks. So, how do we make security an essential part of Docker for Node.js developers?

Vulnerability Assessment Using Datadog and Snyk

Vulnerability assessment for teams can often be overwhelming. This joint Datadog and Snyk session demonstrates the new integration between the two companies, which enables developers to precisely identify and prioritize code-level security fixes in production applications. Using a sample Java application, you'll see how Snyk surfaces vulnerability information at runtime inside the Datadog UI to help users triage fixes by not just seeing that a vulnerability exists but also how often they are exposed.

egnyte

Fulcrum Therapeutics - A Single Repository For Collaboration, Compliance, and Control

Chris Moxham, Ph.D., is the Chief Scientific Officer at Fulcrum Therapeutics, an innovative biotech addressing the causes of genetically defined disease. By developing treatments that address the root cause of disease, Fulcrum goes a step further than creating therapies that just manage symptoms and develops treatments that alter the genetic expression of disease, enabling life-changing outcomes.

tripwire

NIST Cybersecurity Framework - The Key to Critical Infrastructure Cyber Resiliency

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses to carry out operational activities, but it is also the backbone for the United States’ critical infrastructure.

tripwire

4 Steps for Assessing Your NERC CIP Compliance Program

The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Standards are a cybersecurity compliance framework designed to protect utility organizations. Adhering to these guidelines is essential—falling short will leave your environment vulnerable to malicious actors and can result in some hefty fines.

netskope

Applying 3 Practical Lessons from the SolarWinds Breach

It’s been more than a month since the SolarWinds breach first started dominating security headlines, and we’re still learning new details about the attacks and the organizations affected. Even as the discussion quiets down, it’s easy to imagine we’ll still be looking back and analyzing the full effects of these incidents in much the same way we talk about other seminal breaches and security events from the past 20 years.

bulletproof

5 reasons you need to pen test in 2021

Now that 2021 is proving to not be the fresh start many hoped for, it’s time to re-examine the security lessons learnt in 2020. As the transformational business challenges of the last 12 months demonstrated, security should always be high on the agenda no matter what your organisation size. After all, as we revealed in our 2021 annual cyber security industry report, hackers don’t care what size or type of business you are – only if you’re an easy target.

synopsys

How to cyber security: Faceplanting in 10 lines of code

Sometimes it’s hard to convince people that security needs to be part of every software development process. “We passed all our tests,” they might tell you. “Isn’t that good enough?” The problem is that functional testing usually focuses on the happy path—a place where users act rationally, systems behave well, and nobody is attacking your application.

cyphere

What is an Open Port? Port Scanning, Risks and Monitoring.

Port scanning is the critical element of any cyber risk assessment conducted under infrastructure security or network security domains. It helps to identify all the exposed services on a system or network. The presence of open ports doesn’t indicate importance from an attack perspective only; they are equally vital from a defensive front.

veracode

AppSec Bites Part 1: Balancing Speed and Thorough AppSec Coverage

In today’s world, speed wins. Just take Amazon for example. You can place an order with the click of a button and have it delivered to your door in under twenty-four hours. Retailers that can’t compete with Amazon’s speed are falling behind. The same level of speed and efficiency is expected with technology. Companies are in a race to deliver new and innovative technology first. But aside from speed, companies are also concerned about the security of their software.

rezilion

The Solarwinds Breach Highlights the Need for Desired State Enforcement

The recent SolarWinds hack is the latest headline-grabbing zero day to send shockwaves throughout the information security community. It was a sophisticated supply chain attack that incorporated several forensic countermeasures and impacted a number of large government institutions and private companies.

manageengine

IT security under attack: Credential dumping attacks in Windows environments

Most of the time, threat actors in the cybersecurity landscape don’t employ advanced techniques and tools to intrude and establish a foothold within networks. Often, they disguise malicious operations by mimicking the activities of legitimate users, leaving behind little to no footprint. Blending malicious actions with day-to-day IT activities helps attackers maintain a low profile and remain undetected for a longer period.

alienvault

Education, certifications, and cybersecurity

The question of cybersecurity certifications comes up very frequently on discussion boards. What is the best certificate to get? Is a college degree better for getting a cybersecurity role? What education or skills are needed for various cybersecurity roles? And many, many more. In this post, I'll try to clarify some of these questions and more.

siemplify

The Case for Automation in the Physical (And Remote) SOC, Featuring Forrester Research [Video]

Security operations teams that continue to rely on manual processes are squarely sitting behind the proverbial eight ball. The times are a-changing – only hurried along by the COVID-19 pandemic – and Forrester’s Joseph Blankenship and Chase Cunningham are here to share their perspective on the future of the SOC as part of a four-part series with Siemplify.

nightfall

CISO Insider S1E4 - Change management and risk triage with Lisa Hawke

At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.

Insider Threat Management for an Educational Organization

See why the education organization PECB says Ekran System is the best choice for insider threat management. Robust insider threat management from Ekran System helped an international certification body effectively secure their internal system against security threats and maintain compliance with international information security regulations.
synopsys

How to evaluate the ROI of your software security program

The ROI of software security is difficult to calculate when the goal is to avoid a breach. Learn where to look for ROI in an AppSec program to maximize your investment. A common declaration at security conferences is that if organizations invest in software security, it will pay dividends. Indeed, “investment” implies a dividend.

WhiteSource

API Security in a Digitally Transformed World

One unexpected consequence of the global pandemic is the acceleration of digital transformation across organizations of all sizes. With so many employees working from home, organizations realized they needed to upgrade to a cloud infrastructure to support everyone working remotely. As applications moved from on-premises to the cloud to support these new remote users, organizations needed to think about the APIs and microservices that connected users to essential applications.

wandera

How to avoid the biggest mistakes with your SaaS security

The popularity of SaaS applications for businesses continues to grow with 95% of businesses hosting sensitive information in the cloud. Traditional security models are boundary-focused and rely on firewalls and other perimeter appliances. These models are not compatible with modern cloud orientated services and as a result, businesses have had to adapt their security strategies. In this blog, we cover the top three mistakes that are made in SaaS security.

anlyz

Why is polymorphic malware better than metamorphic malware?

Imagine a malicious entity or virus that can change and modify over time. This shapeshifter camouflages itself by adjusting its "genetic makeup," its code, to conceal itself from those who are trying to destroy it. Sadly, this situation is not just something that you need to think up. While it may sound like something from a science fiction novel, in the world of IT security, polymorphic malware is all too true. Polymorphic malware is more common than most people realize.

sqreen

Preventing SQL injections in Java (and other vulnerabilities)

One of the most common types of attack an application can suffer is what we call SQL injections. Since SQL injection attacks are both common and potentially devastating, it’s essential you not only are aware of them but also know how to defend your applications. That’s what this post is about: helping you protect your Java apps against SQL injections. A few other security vulnerabilities are included in the mix as well.

15 minute demo | Teleport Cloud | SSH | Kubernetes | Application access

Try out Teleport Cloud today! Teleport implements industry best security practices out of the box and brings all computing resources into compliance with security standards such as SOC2, PCI, and FedRAMP by providing all necessary access controls as well as audit and visibility into access and behavior across all computing environments.

Benefits of Teleport Cloud:

Shorter time to production
No hardware or software to procure, simple pricing
Wizard-based approach to setup and configuration
Shared-nothing infrastructure, no noisy neighbor problems

splunk

Splunk SOAR Playbooks: Finding and Disabling Inactive Users on AWS

Every organization that uses AWS has a set of user accounts that grant access to resources and data. The Identity and Access Management (IAM) service is the part of AWS that keeps track of all the users, groups, roles and policies that provide that access. Because it controls permissions for all other services, IAM is probably the single most important service in AWS to focus on from a security perspective.

humio

Improve security resilience by removing data blindspots

Find out how removing blindspots in data can save users millions of dollars by reading our report: Find threats faster: Log more and spend less. SIEM systems offer an all-in-one security solution, but with increasing data volumes from cloud systems and microservices, the total cost of ownership of a SIEM is going up. As pressures mount on security teams to do more with less, teams are finding the scalability and cost-savings they need in log management solutions.

tripwire

Five Things Security and Development Teams Should Focus on in 2021

As we say goodbye to 2020 and spend time reflecting on the industry changes, reassess our workflows and procedures in order to identify where 2021 will bring us, it’s a brilliant time to also address our security practices and ways we can bring improvement to those, as well. After considering the top challenges I saw with development teams and security teams within development environments, I came up with a list of ways to focus our security improvements for 2021.

upguard

Five Things to Know About Third Party Risk

It's no longer enough to simply ensure that your organization's systems and enterprise web presence are secure. Your risk management program needs to look beyond the perimeter of your organization to properly vet the third and fourth-party vendors who will have access to your data without being subject to your internal risk management process. The use of third parties in your supply chain or for data handling creates potential risks that can be compounded by these third-party weaknesses.

calligo

UPDATE 6: The Data Privacy Periodic Table

Once again, to mark Data Privacy Day (or Data Protection Day in Europe), we have released a new update to the Data Privacy Periodic Table – our industry-renowned open project to create a regularly-updated digestible guide to the confusing world of data privacy. You can download the latest version of The Data Privacy Periodic Table, here. This is its sixth update, and roughly three and a half years after its launch in September 2018, what have we learned?

calligo

The Data Privacy 'To Do List' for the new US administration

A new administration in the most influential economy in the world triggers new hopes and expectations in every industry. But if major change were to be on the agenda, what would be the most beneficial, transformative, impactful or prudent new data privacy initiatives that the new US administration ought to introduce? Here’s my top three: The obvious – and trickiest – first area for the new administration is a federal privacy law.

appknox

Everything You Need to Know About Web Socket Pentesting

WebSocket is a bi-directional, full-duplex communications protocol initiated over HTTP. It is commonly used in modern web applications for streaming data, chat applications, and other asynchronous traffic. It is a protocol where the client and server can send messages simultaneously over the channel.

lookout

Mobile Security Best Practices for Law Firms

I write a lot about how organizations can secure their workers as they start using tablets and smartphones more for work. The truth is, the legal profession has been ahead of that curve for years. Even before smartphones were introduced over a decade ago, lawyers, paralegals and legal staff were already using cellphones to stay on top of case work. Now, with smartphones and tablets, your law firm’s staff can do everything they used to do in an office from wherever they go.

Secure RBAC / SSO for Kubernetes with Teleport OSS and Github Teams

The promise of elastic scale and cloud native has driven the demand for K8s, but developers now have the harder task of building applications in a secure manner. This talk will focus on best practices and potential pitfalls for securing K8s for the engineering team by using the K8s API server and control plane. Join us for a how-to on implementing a robust Role Based Access Control (RBAC) tied into the corporate SSO/Identity provider using Github Teams and open source software.
styra

Styra: 2020 Year in Review

I think we can all agree that 2020 was a year like no other. For enterprises, we’ve had to transition to a fully digital and cloud-first business, whether it was our workspace, security, technology, culture, or (and in most cases) all of the above. Thankfully at Styra, we’re lucky to have such a great team, community, and customer base that helped us not only navigate 2020, but make it a success.

Securing Cloud Native Applications at Scale.

Cloud-native architecture is improving time to capability at reduced cost for the enterprise. However, as your organisation transfers workloads to container, Kubernetes and serverless environments, a unified development and deployment approach requires increased involvement of the cybersecurity team. Join Mathias Conradt, Senior Solutions Engineer at Snyk, to learn how DevSecOps is being used to secure cloud-native applications.

Octiga

Effective Cybersecurity Automation Tools for SMEs who Use Microsoft Office 365

With one in three SMEs adopting a cloud-first strategy more than ever, cybersecurity concerns have only grown exponentially. In the wake of the pandemic, nearly 95% of cybersecurity professionals have shown concerns regarding public cloud security. Microsoft Office 365 is at the heart of most small to mid-sized businesses. Combined with a rapid cloud adoption rate, security concerns are not far behind.

sumologic

SEGA Europe and Sumo Logic: Integrating security across clouds

At Illuminate 2020, Kashif Iqbal, Head of Corporate Technology and Cyber Security at SEGA Europe, shared their data security challenges and how they currently leverage Sumo Logic for their security needs. Kashif spoke about the four main benefits their security team have experienced since switching to Sumo Logic.

The No-Nonsense Guide to Security Operations Metrics

Business guru Peter Drucker is famous for saying that you can't manage what you don't measure, and those words ring especially true in the security operations center (SOC). The SOC is home to great responsibility to the business, as it sits as ground zero for threat detection and response. But it also can be unwieldy due to a number of challenges, including an overreliance on manual processes, disparate sources of information and intelligence, and a lack of skills and people power to handle all the alerts and cases coming through.
tripwire

Data Classification Is Data Storage

‘Business’ is a verb that practically means the movement of data. If you aren’t sharing data – keeping the books, sharing ideas and stats about sales, getting the correct information regarding the customer or data to the customer – then you aren’t doing much business. But organizations need to protect their data along the way. Infosec has so many ways of protecting those sources of data, so much so that users of the data often complain.

tripwire

Improving Your Security Posture with the Pipeline Cybersecurity Initiative

A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refined products that surround our lives. As a cybersecurity professional, I was more interested in how all the pipelines were intertwined and, of course, protected.

siemplify

Power Up Your SOAR Game with the Siemplify Revamped Marketplace

Today we are happy to unveil a completely revamped SOAR marketplace that is designed from the ground up for rapid time to value, making SOAR implementation faster and simpler than ever before. The Siemplify Marketplace is a one-stop-shop for all the integrations, use cases, playbook components and analytics needed to get running with SOAR in no time. As you’d expect from the No. 1 vendor-agnostic SOAR provider, the Siemplify marketplace provides access to a vast library of integrations.

redscan

NIS2: what organisations need to know about proposed changes to the NIS Directive

Read our guide to learn about the latest proposals and how they could affect your organisation. Enacted in 2016, the NIS Directive is the first EU-wide legislation on cyber security. It requires member states to ensure that providers of critical infrastructure and services have appropriate security measures in place to manage cyber risk and maintain resilience in the event of an incident. Its four top-level objectives are:

netskope

How Netskope Can Help with Your 10 Critical Security Projects - Nos. 9-10

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.

synopsys

Demystifying CVSS Scoring

The Common Vulnerability Scoring System (CVSS) can help you navigate the constantly growing ocean of open source vulnerabilities. But it’s difficult to lend your trust and put the security of your organization and your customers into the hands of a system that you may know very little about. Let’s take a closer look at the CVSS to see what it’s all about.

detectify

DNS Hijacking - Taking Over Top-Level Domains and Subdomains

TL;DR: On January 7, the Detectify security research team found that the .cd top-level domain (TLD) was about to be released for anyone to purchase and claimed it to keep it secure before any bad actors snatched it up. A technical report with full details is available on Detectify Labs. This blog post will discuss the basics of domain takeover.

veracode

Retail and Hospitality Sector Has Impressive Fix Rate, but Room to Improve

Over the past year, the retail and hospitality industries have been forced to adapt to the “new normal.” Since lockdowns and health concerns have prevented or dissuaded in-person shopping or dining, the new normal has been e-commerce. Smaller businesses not equipped for the increase in e-commerce have had to undergo rapid digital transformation in order to stay afloat. But, unfortunately, e-commerce was not the only thing to increase in 2020.

sqreen

The different types of cross-site scripting (XSS)

Cross-site scripting (XSS) is one of the most dangerous vulnerabilities in web applications. It is a client-side script injection technique that attackers can use to steal information or send malicious requests to a server. There’s no fixed way of executing an XSS attack — it all depends on how an application was built and the creativity of attackers. This makes it difficult for organizations to set up complete protection against such attacks.

idcentral

Importance of age verification for digital businesses

2020 has become the lens through which predictions for the whole decade will be forecasted. The wave of digital transformation has enabled easy availability of services from home for everyone and anyone. Some experts say that five years of digital transformation took place in six months due to the number of services and products that have moved to online access, but this has also made the market quite volatile.

logz.io

Does a Ransomware Attack Constitute a Data Breach? Increasingly, It May

Historically, one difference between a company victimized by ransomware and those hit with a hacking intrusion that resulted in stolen data was that in a ransomware attack, the data wasn’t actually stolen, but was encrypted so that the victim would have to pay a ransom to regain access. Unlike traditional data thefts, ransomware—the theory went—didn’t really steal data. It encrypted it so that the authorized users couldn’t get to it unless a ransom was paid.

sysdig

Falco vs. AuditD from the HIDS perspective

In this blog, we will compare and contrast Falco vs. AuditD from a Host Intrusion Detection (HIDS) perspective. AuditD is a native feature to the Linux kernel that collects certain types of system activity to facilitate incident investigation. Falco is the CNCF open-source project for runtime threat detection for containers and Kubernetes. We will dig deeper into the technical details and cover the installation, detection, resource consumption, and integration between both products.

cyberint

On Sale! Access to your Crown Jewels

Remote Desktop Protocol (RDP) is a communication protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection[1]. Once connected, the remote user will be able to communicate with the machine using their input devices, keyboard and mouse, and to have their screen displaying the output of their actions – as if they were physically connected. Simply put, gaining access to your crown jewels.

Devo Security Operations - Command and Control Use Case

Table of Contents:

00:00 - Introduction
00:08 - C&C concept
00:31 - C&C types
01:02 - C&C in SecOps
01:41 - C&C in SecOps: alerts
02:23 - C&C in SecOps: Triage
02:45 - C&C in SecOps: new investigation
03:14 - C&C in SecOps: associations
04:09 - C&C in SecOps: related alerts
04:49 - C&C in SecOps: Hunting
05:18 - C&C in SecOps: identify outbound traffic

stackrox

EKS vs GKE vs AKS - Evaluating Kubernetes in the Cloud

Providing an update on the core Kubernetes services offered by the big three. We are now six years past the initial release of Kubernetes, and it continues to be one of the fastest-growing open-source projects to date. The rapid development and adoption of Kubernetes have resulted in many different implementations of the application. The Cloud Native Computing Foundation (CNCF) currently lists over 90 Certified Kubernetes offerings.

egnyte

An Analysis of Cyber Attack Costs on the Life Sciences Industry

2020 provided a perfect storm for cybercriminals to extort record amounts from vulnerable businesses. Recent reporting has identified life sciences companies as being particularly attractive to target as they have valuable intellectual property information and have enough funding to pay high ransom demands. The pharmaceutical industry is currently at the top of the most targeted industries for such attacks.

Egnyte: The Leader in Cloud Content Collaboration, Governance and Security

One unified platform to govern and secure content everywhere. Egnyte is the only all-in-one platform that combines data-centric security and governance, AI for real-time and predictive insights, and the flexibility to connect with the content sources and applications your business users know and love — on any device, anywhere, without friction. See why over 16,000 customers choose Egnyte to boost productivity, reduce complexity, and protect their unstructured data.
tripwire

The Changing Dynamics of Cyber Insurance

Almost exactly a year ago, cybersecurity professionals were locked in a heated debate about insurance. While some were keen to point out that the future of the industry would need to include some form of insurance market, others argued that cyber insurance would never be worth the premiums, especially given the inherently volatile nature of cybersecurity. The pandemic has changed all of that.

Top 10 Hacks Of The Past Decade | Solarwinds | WannaCry | Panama Papers | Cambridge Analytica

Security breaches have become a normal part of our lives over the past decade, but each hack comes with its own complications and ramifications. In this webinar, Teleport Tech Writer Virag Mody will dive deep into the details of the top 10 hacks of the past decade and how they affected the way we approach cybersecurity.
veriato

Do's and Don'ts of Using Software For Monitoring Computers

According to the American Management Association, nearly half of employers monitor their employees’ digital activity on company-owned devices to some degree. Some of these employers manually read employees’ emails and track their activity. But the vast majority use software for monitoring computers, which is far more efficient. The right software can help you keep track of what your employees are doing during work hours, regardless of whether they are in the office or working remotely.

detectify

Detectify ethical hacker kept the country code domain .cd safe from potential attacks

NEW RESEARCH – On December 30, Fredrik Nordberg Almroth, security researcher and co-founder of Detectify – the Sweden-born cybersecurity company that offers a web vulnerability service powered by leading ethical hackers – found a vulnerability that left the country code top-level domain of the Democratic Republic of Congo, .cd, open to severe potential abuse.

veracode

Security as Code: Why It's Important and What You Need to Know

Software is becoming an increasingly pivotal part of modern business and society. In turn, consumers have come to expect instant gratification. This has driven businesses to concentrate on innovation and speed to market. Businesses that can’t keep up with the hyper-competitive market of speed-to-value are falling behind.

logz.io

Tis' the Season for Giving - and Taking

It’s the time of year when many of us will be taking a well-deserved break, but unfortunately for consumers and organisations, cyber criminals don’t take holidays. A year of unprecedented alarm and uncertainty, coupled with the growing sophistication of cybercriminals, has nurtured the perfect breeding ground for online scams, which according to the Australian Competition and Consumer Commission (ACCC) have jumped a staggering 42% this year—with nearly AU$7 million lost.

teramind

Teramind vs. ActivTrak | 2021 Feature Comparison

Teramind and ActivTrak are both popular employee monitoring software. Each has its strengths and weaknesses, which might make it suitable (or not) for your unique business needs. The table below compares Teramind vs. ActivTrak side-by-side in terms of key features and capabilities so that you can decide which solution is right for you.

alienvault

Security context: The starting point for how Kubernetes Pod security works

Organizations are increasingly adopting Kubernetes to manage their containerized workloads and services, but Kubernetes security incidents are on the rise, as well. In the fall 2020 edition of the “State of Container and Kubernetes Security” report, for instance, 91% of respondents told StackRox that they had recently adopted Kubernetes. Three quarters of survey participants went on to reveal that they had deployed the container orchestration platform in their production environments.

tripwire

Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation's Cloud Services

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety of corporate laptops and personal devices during the COVID-19 pandemic.

siemplify

5 Modern Security Operations Trends That Will Dominate 2021 and Beyond

The turning of the annual calendar was celebrated globally in a way not seen in a generation, but 2021 will not magically remove the world’s problems, as you probably have discovered by now. We are all still inheriting the mess of 2020 – at least for a little while longer – and cybersecurity is no exception.

nightfall

3 Permanent Security Risks in a Post-Pandemic World

With the administration of COVID-19 vaccines beginning around the world, many of us have begun to look to a future where the pandemic does not totally dominate our lives. Naturally, the way we socialize and work will have shifted. Remote work, for instance, has been shown to be more productive and preferable for many businesses. In the cybersecurity space, we’re also beginning to realize which threats are opportunistic and temporary – and which ones are here to stay.

netskope

You Can Run, But You Can't Hide: Advanced Emotet Updates

Emotet has become one of the world’s most advanced botnets. Like many malware campaigns, Emotet’s primary mode of delivery is phishing emails that download malicious Microsoft Office documents. Furthermore, these documents are often hosted in popular cloud apps like Office 365 and Amazon S3 to increase the chances of a successful lure.

upguard

What is DLL hijacking? The Windows exploit endangering your sensitive data.

A simple DLL file was the catalyst to the most devastating cyberattack against the United States by nation-state hackers. This cinematic breach demonstrates the formidable potency of DLL hijacking and its ability to dismantle entire organizations with a single infected file. DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Windows applications search and load Dynamic Link Libraries (DLL).

WhiteSource

How to Set Up an Open Source Strategy

Open source components have become the basic building blocks of software applications, comprising 60%-80% of the software projects. As open source usage has established itself as an industry standard and the default choice of software production, software development organizations are required to set up an open source strategy.

sqreen

Sqreen's architecture through the ages: part one

Sqreen’s architecture has evolved a lot over the years. As one of the main protagonists in all these changes, I’m often asked about the previous steps we took and the rationale behind them. It’s an interesting, albeit long, conversation, so I thought I’d take a trip down memory lane and share some of the decisions we made as we built Sqreen and why. As I mentioned, it tends to be a long conversation, so I’m going to break this into three posts to make it more digestible.

stackrox

CKS Certification Study Guide: Monitoring, Logging, and Runtime Security

This blog references tools to set up a Kubernetes version 1.19 cluster and review the CKS - Cluster Setup section. There is the ability to create a Kubernetes cluster from our GitHub repository using Terraform and Rancher Kubernetes Engine (RKE) in Google Cloud Platform (GCP) or Amazon Web Services (AWS). This cluster environment will help to simulate a real Kubernetes environment instead of a local cluster.

teramind

Why Employee Privacy Matters More Than Ever

For organizations and their employees, 2020 was a uniquely transformative and challenging year. Although this reality is expressed in many ways—including a global pandemic, a deep economic recession, perpetual social unrest and a litany of natural disasters—in the professional environment, it is most acutely observed in the rapid and wide-spread transition to remote work.

alienvault

What is a vulnerability management program and should your business have one?

The rapid rate of change in attack methods and techniques in today’s cybersecurity landscape has made the keeping of an environment secure increasingly more difficult, causing many to fall into a dangerous state of simply reacting to current threats.

nightfall

Network, Endpoint, and Cloud DLP: A Quick Guide

At the beginning of 2019, 60% of companies responding to the Insider Threat Report survey reported that they were planning to implement a data loss prevention (DLP) solution. For a few years, organizations have been aware that they need to add data loss prevention (DLP) tools and software to their technology stack in order to safeguard sensitive information collected and stored. However, there’s a common misconception that DLP is just one “thing”.

netskope

The Case for Targeted Remote Browser Isolation with Next Gen SWG

Remote browser isolation (RBI) has many use cases, but has found a popular use case with secure web gateways (SWG). While SWGs can block known bad websites and allow known good ones, the gray area of uncategorized and security risk websites is a challenge for most SWG deployments. If you allow them, your inline defenses and endpoints are exposed and may miss evasive malware, macros, malicious scripts, and phishing attacks.

ekran

Incident Response Planning Guideline for 2021

When faced with a real-life cybersecurity threat, few organizations know what steps to take first in order to handle the incident and minimize its impact on the business. Having a well-thought-through cyber security incident response plan (IRP) in place is the only way to get yourself fully prepared for dealing with this kind of situation. In this article, we’ll tell you in detail how you can build an IRP that perfectly fits the needs of your business.

bearer

The Essentials of Personally Identifiable Information (PII)

Modern privacy regulation is centered around the concept of personal information. The General Data Privacy Regulation (GDPR) popularized it, but since then similar initiatives—like the California Consumer Privacy Act—have expanded on the definition of "Personal Information." If your application collects any kind of information about your users or customers, it is important that you track when, how, and for what purpose you are collecting their data.

cyberint

SolarLeaks

In the aftermath of the notorious SolarWinds breach, occurring in mid-December 2020, a nefarious website was observed on 12 January 2021 and, presumably linked to the threat actors involved in the original supply chain attacks, purports to offer stolen data from four victim companies for sale: Other than the above, no file listings, screenshots or detailed 'proof' have been provided although links to four encrypted archive files, one for each potential victim organization, were uploaded to the popular

synopsys

Assessing design quality for better software due diligence

Design quality audits are sometimes overlooked in software due diligence, but they are vital to understanding the overall health of a company’s software system. When software is part of an M&A transaction, performing technical due diligence is a critical part of the process. There’s a lot to cover when it comes to software due diligence, and you can learn more by reading our take on the specific areas of the process, but today we’d like to discuss software quality.

zeronorth

What is Under the Cape of a Security Champion?

There is a big conversation happening right now in the world of application security (AppSec), one that is focused on how security and DevOps professionals can come together in the name of better, safer software. Because, right now, these teams are often worlds apart. Although DevOps has revolutionized the speed of software development, the implications of this increased velocity can sometimes run counter to the goals of security, emphasizing the need for better risk management.

wandera

Zero Trust Digest | January 2021

Unsurprisingly, December is a quiet month for Zero Trust news with everyone wrapping up for the festive period, but there were a few insights and stories of note, particularly the SolarWinds hack. Q4 of any year is prediction season, where organizations of all sizes look into their crystal balls and pre-empt the year ahead. In this month’s Zero Trust Digest, we’ve rounded up the industry analysts’ key forecasts for the future.

teleport

ECMWF - How Third Parties Securely Access Supercomputing Clusters

To the average person, weather forecasts inform whether or not they need to bring an umbrella to the office. But to some, it can be quite literally a matter of life and death. Organizations like the European Center for Medium Range Weather Forecasting (ECMWF) sit at the center of a web of highly sensitive operations, providing them weather predictions and reports.

sysdig

Sysdig 2021 container security and usage report: Shifting left is not enough

The fourth annual Sysdig container security and usage report looks at how global Sysdig customers of all sizes and industries are using and securing container environments. By examining how and when organizations are implementing security in the development lifecycle, we have been able to uncover some interesting data points in this year’s report. For example, we can see that 74% of organizations are scanning container images in the build process.

Runtime Threat Detection on AWS

Join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.

alienvault

Why cybersecurity awareness is a team sport

Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers and that is what they define as cybersecurity.

tripwire

More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP)

On February 11, 2020, Offensive Security introduced a major overhaul and update to their already fantastic course: Penetration Testing with Kali Linux. Those changes included updates to their lab environment. The study materials were substantially updated, with additional material including entire new sections on Bash Scripting, Active Directory Attacks, and PowerShell Empire.

nightfall

How is Data Stored in Confluence?

Confluence is one of Atlassian’s most popular collaboration tools, a team workspace where users can create, capture, and coordinate on a variety of project types. Confluence’s role as a hub for sharing documents and creating templates means that, for many organizations, some of their most confidential data may live within their Confluence spaces.

netskope

How Netskope Can Help with Your 10 Critical Security Project - Nos. 7-8

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.

ekran

7-Step Checklist for GDPR Compliance

The General Data Protection Regulation (GDPR) is often considered the strictest regulation in the world for securing users’ private data. It applies to all organizations that process the personal data of European Union citizens and residents, and the fines for non-compliance reach up to €20 million. In this article, we explore the nature of this regulation, list its key principles, and offer a seven-step checklist for meeting GDPR compliance requirements.

veracode

Veracode Named a Leader in The Forrester Wave: Static Application Security Testing, Q1 2021

If you’re looking to start or optimize an AppSec program in 2021, the Forrester Wave™ report is a good place to begin your research. The report not only details essential elements of AppSec solutions, but also ranks 12 static application security testing (SAST) vendors based on their current offering, strategy, and market presence. Development speeds and methods are changing and the requirements for a SAST solution are evolving as well.

logsentinel

US Cybersecurity Laws Overview And How SIEM Can Help

Cybersecurity is increasingly becoming a topic for legislators, especially for the public sector, critical infrastructure, healthcare, education, the financial and insurance sectors. In the US, in addition to several federal laws (HIPAA, HITECH, GLBA, SOX, FISMA, CISA), there are many state-level laws that impose some level of cybersecurity requirement (we have excluded the ones regarding election security in particular, as that’s a separate topic of discussion)

lookout

Be The Master of Your Encryption Keys

Over the past decade, we’ve seen a massive shift towards relying on cloud technologies for everything we do, from watching TV shows and movies to sharing photos. Organizations have done the same. To increase efficiency and availability, they have moved their data and workloads to the cloud. But in a world of expanding threats, it has become necessary to implement additional layers of security for cloud data, applications and services to ensure privacy remains a top priority.

sqreen

How RASPs and WAFs can work together

When it comes to security tooling, it can be difficult to tell different acronyms and the approaches they represent apart. In the case of application security for production applications, there are several approaches out there, some new and some old. Today, I want to focus on two prevalent means of monitoring and/or protecting applications: Runtime application self-protection (RASP) and web application firewalls (WAF).

stackrox

CKS Certification Study Guide: Supply Chain Security

As we continue the study guide for the Certified Kubernetes Security Specialist (CKS) program, be sure to check out the information and content breakdown from our previous CKS posts. This blog references tools to set up a Kubernetes version 1.19 cluster and review the CKS - Cluster Setup section. There is the ability to create a Kubernetes cluster from our GitHub repository using Terraform and Rancher Kubernetes Engine (RKE) in Google Cloud Platform (GCP) or Amazon Web Services (AWS).

cloudpassage

SolarWinds Orion Compromise Vulnerability Mitigation

SolarWinds, an IT software provider, recently announced that it was the victim of a cyberattack that inserted malware (code name SUNBURST) within their Orion Platform software. Following the announcement of the SolarWinds Orion compromise, the Department of Homeland Security released an advisory for mitigating the code compromise.

Runtime Threat Detection on AWS

Tune into our #LinkedInLive event on Jan 12 at 10 am PST and join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.

Featured Post

4 Most Common Types of Cybersecurity Threats

There's every indication that the pandemic is changing the nature of cybersecurity. Online threats are evolving to match our new remote-work paradigm, with 91% of businesses reporting an increase in cyberattacks during the coronavirus outbreak. Hackers are getting more and more sophisticated and targeted in their attacks. Many of these cyber threats have been around for a while, but they are becoming harder for the average user to detect. Beware of these four common types of cyber threats - and learn what you can do to prevent them.

Featured Post

The Evolution Of Cybersecurity Over The Decades

For almost as long as there have been computers, there have been people who want to get the information from the computers of others. As such, the history of cybersecurity follows very much step-by-step with the history of modern computing. In 2021, just as computing is an essential part of everyday life, cybersecurity has been a vital investment that every business or organisation needs. When the world's largest companies and even its richest countries' infrastructure can be vulnerable to cybercriminals, it shows that anyone can fall victim to data breaches.

alienvault

Why are cybercriminals suddenly targeting maritime infrastructure?

If you were asked to list out the top problems society has been facing in 2020, cyberattacks on the maritime industry might not be an obvious issue that would come to mind. But the industry has seen a worrying trend in recent months, as a spike in cyberattacks has left some of the biggest companies in the industry exposed. Specifically, both the fourth largest global shipping company and the International Maritime Organization (IMO) have been targeted in these attacks.

tripwire

Ransomware Gangs Scavenge for Sensitive Data by Targeting Top Executives

In their attempt to extort as much money as quickly as possible out of companies, ransomware gangs know some effective techniques to get the full attention of a firm’s management team. And one of them is to specifically target the sensitive information stored on the computers used by a company’s top executives, in the hope of finding valuable data that can best pressure bosses into approving the payment of a sizeable ransom.

tripwire

Steps for PCI DSS Gap Analysis

Complying with Standards drawn by the Payment Card Industry Security Standards Council can be complicated and time-consuming. But, with a PCI DSS Gap Analysis, the process becomes a lot easier, streamlined, and less exhaustive. PCI Gap Analysis is the first step towards the Compliance process. The assessment provides details on your current security posture against what is expected and needs to be achieved by the organization.

reciprocity

What is CCPA Data Minimization?

With enhanced information security becoming increasingly more urgent, privacy protection efforts are ramping up for many industries. One of the more recent measures to address data privacy has come from the latest California Consumer Privacy Act (CCPA) Proposition 24, also known as the California Privacy Rights Act of 2020 (CPRA).

reciprocity

What Is the Threshold Application of the CCPA?

When the California Consumer Privacy Act took effect on Jan. 1, 2020, many businesses scrambled to determine whether the law applied to them. The CCPA is the most stringent privacy law enacted in the United States, and for various reasons, its reach can extend well beyond the state’s borders. The objective of the CCPA is to give consumers certain rights to protect their personal data that companies might collect, store, and process for commercial purposes.

forgerock

Harnessing Digital Identity to Build Tomorrow's Public Sector

As we continue to endure the prolonged effects of the pandemic, it should come as no surprise that millions of people are online more than ever. In fact, our New Normal report surveyed 5,000 global consumers and showed that this is likely to be a long-term shift - 45% of people stated that they plan on continuing to use more online services post-pandemic than they did before.

synopsys

Forrester recognizes Synopsys as a leader in static application security testing

We’re proud to announce that Synopsys has been named a leader in The Forrester Wave™: Static Application Security Testing, Q1 2021. Find out why. This week Forrester recognized Synopsys as a leader in The Forrester Wave™: Static Application Security Testing, Q1 2021, based on its evaluation of Coverity®, our static application security testing (SAST) solution. Forrester evaluated the 12 most significant SAST providers against 28 criteria.

detectify

Detectify security updates for January 11

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentiality agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

veracode

Veracode Wins Best AppSec Feature Set and Customer Support Awards From TrustRadius

TrustRadius recently awarded Veracode with a 2021 Best Application Security Feature Set Award and Best Application Security Customer Support Award. These honors are given to companies that have gone above and beyond to delight their users. To win the Best Feature Set Award, each nominated organization had to receive 10 TrustRadius reviews in the past year that featured specific mention of their product’s feature set.

Understanding JusPay Data Breach

Juspay, an Indian payment service provider, which processes transactions for giants like Amazon, MakeMyTrip, Airtel, Flipkart, Uber and Swiggy suffered from a data breach resulting in 3.5 crore records of customer data being compromised. The data dump contains sensitive information including the card’s merchant brand, expiry date, the first six and last four digits, user name, email IDs and phone numbers. This data can be put together and used for phishing scams.

logsentinel

The Importance Of Threat Intelligence Sharing Through TAXII And STIX

Threat intelligence has been a very important asset to cybersecurity - knowing in advance some properties of malicious actors is key for preventing security incidents. Most typically these properties are IP addresses, domains, emails and file hashes, and being able to compare them to what’s happening in your infrastructure allows for quick response and prevention.

Octiga

Biggest Cyber Attacks of 2020 and Tips to build Cyber Resilience in 2021

A Q3 Report by Risk Based Security on data breaches in 2020 showed that by the end of Q2, 2020 was already considered as the worst year in terms of data exposed. To add a cherry on the top, in Q3, a total of six breaches together accounted for approximately 8 billion exposed records. The pandemic further made the health sector most vulnerable to data breaches. No surprises there!

splunk

Yes, Virginia, There is a -Santa Claus- Way to Detect Unemployment Fraud

Fraud rates for Unemployment Insurance Benefits (UIB) and Pandemic Unemployment Assistance (PUA) are out of control. In May 2020, Brian Krebs of Krebsonsecurity published two articles detailing fraud that was occurring in several different states’ UIB portals. These states had been warned by the US Secret Service to be on the lookout for this. Reading the articles, the common theme is that many states are missing rudimentary controls for combating fraud.

sumologic

Improve Your Security Posture By Focusing on Velocity, Visibility, and Vectors

In the wake of the widely publicized FireEye breach and the alarming SolarWinds supply chain attack, this presents an ideal opportunity for reflection on the broader shift taking place across the world—the transition from legacy on-prem infrastructures to the cloud.

tripwire

It's Always DNS - But Not in the Way You May Think

A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS (short for the Domain Name System) continues to be described as “the phonebook of the Internet,” but many people, including most readers of this blog, will be more familiar with the basic workings of DNS than with the outdated phenomenon of paper phonebooks.

manageengine

Five worthy reads: Make data security your New Year's resolution

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. More than ever, now is the time for organizations to prioritize data security. This week we look at some data security trends that are shaping the industry today. Illustration by Balaji KR A recent study conducted by RiskBased Security has labeled 2020 the worst year for data security with a shocking 36 billion records compromised, twice the number from 2019.

nightfall

CISO Insider S1E3 - The OODA Loop with J.J. Agha

At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.

upguard

What is a supply chain attack (and how to prevent it)

In December 2020, the U.S. government announced that it fell victim to what is believed to be the largest security breach in the nation's history. The breach occurred through an innocuous IT update from the Government's network monitoring vendor, SolarWinds. This monumental breach exposes a novel and powerful method of clandestinely penetrating even the most sophisticated security defenses through third-party vendors - supply chain attacks.

calligo

What sort of CIO are you going to be in 2021?

2020 was a lot of things. Unexpected. Tough. Frightening. Frantic. It was also revealing. Most CIOs were asked to enable ways of working and doing business that they had not considered necessary before. Others had maybe always known such moves were wise, but had never been able to dedicate the time, resource or budget to such endeavours. Or, ironically, had never been able to prove the business case. Either way, too many were caught under-prepared.

CloudCasa

Top 10 Reasons to Use CloudCasa vs. your Cloud Vendor's Backup

We discussed in previous blogs the need for data protection for Kubernetes and what’s different about CloudCasa. CloudCasa was designed to address the gap in data protection and disaster recovery that exists in all the leading Kubernetes distributions and managed cloud services. Further, another pain point that CloudCasa addresses is that your cloud-based applications may well be hybrid and multi-cloud applications that use both container-based storage and serverless databases.

alienvault

What is URL filtering? Web filtering explained

URL filtering is one of the most common types of web filtering techniques used by organizations to restrict the kinds of content that their users may access. URL filtering blocks users from loading questionable websites or hosted files via corporate device or network resources. The filter is triggered by comparing the URL address a user is trying to access against policy lists that specify whether to block, allow, and/or track visits to certain URL addresses.

alienvault

Malware using new Ezuri memory loader

Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments. The loader decrypts the malicious malware and executes it using memfd_create (as described in this blog in 2018).

redscan

Redscan Threat Intelligence update: SolarWinds Sunburst Q&A

The threat actor then gained a back door into the company’s Orion network management platform – used by over 300,000 organisations worldwide. Given the seriousness of the attack, its potential to affect customers across the SolarWinds supply chain and reports of espionage by nation state attackers, this is a story that is likely to have ongoing repercussions for organisations in 2021.

Straight Talk Series: Security vs. Speed

Today's network professionals are challenged with providing their users fast and direct access to their apps and data paired with the security controls the business requires. In this Straight Talk video, Netskope Senior Vice President, Joe DePalo discusses how Netskope delivers world-class security and data protection without performance tradeoffs.

veracode

How to Communicate Application Security Success to Your Executive Leadership

Over the past several years, there have been many changes to software development and software security, including new and enhanced application security (AppSec) scans and architectural shifts like serverless functions and microservices. But despite these advancements, our recent State of Software Security (SOSS) report found that 76 percent of applications have security flaws.

sqreen

Remote code execution (RCE), explained: what it is and how to prevent it

Remote code execution (RCE) is a class of software security flaws/vulnerabilities. RCE vulnerabilities will allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class of arbitrary code execution (ACE) vulnerabilities. With the internet becoming ubiquitous, though, RCE vulnerabilities’ impact grows rapidly. So, RCEs are now probably the most important kind of ACE vulnerability.

devo

The Final Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the last in a series of posts highlighting the most important elements of the four steps. Previous posts covered Step 1, establishing a foundation of centralized, scalable visibility, Step 2, extracting intelligent insights from your data, and Step 3, supercharging your analysts with the power of automation.

sysdig

Stackrox Acquisition: The Race to Secure Containers

Today, Red Hat announced its intent to acquire Stackrox. This is a very exciting development in the world of cloud-native security! First and foremost, congratulations to Stackrox, an early participant in the container security space. This acquisition is a great outcome for Stackrox given their nascent scale and on-premises offering.

alienvault

IoT Cybersecurity Act successfully signed into law

The IoT Cybersecurity Act, which aims to reduce the supply chain risk to the federal government arising from vulnerable IoT devices, was recently passed into law, and its effects are expected to carry over into private enterprise. Critics felt the law was long overdue: as found in the Nokia Threat Intelligence Report 2020, IoT devices are now responsible for 32.72% of all infections observed in mobile networks, representing an increase of 16.55% since 2019 alone.

netskope

How Netskope Can Help with Your 10 Critical Security Project - Nos. 5-6

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.

veriato

Five Cybersecurity Priorities to focus on in 2021

2020 will go down in history as a year of surprises. The Covid-19 pandemic resulted in challenges to health, wealth, business, and cybersecurity. The early part of the year saw a rapid movement out of the office, introducing a sudden need to support home working. According to Gartner, 88% of companies sent their workforce home to work during the peak of the pandemic. This remote work environment is continuing for many organizations in 2021. In 2020, businesses were forced to adapt fast.

forgerock

Behind-the-Scenes of Virtual Banking

In today’s digital world, we no longer have to go to a branch office or ATM machine to do the majority of our banking. For the most part, consumers can manage all bank transactions from the comfort of their home on mobile devices, especially during the COVID-19 pandemic. However, virtual banking has the potential to be so much more than just cashing checks.

cygilant

2020 Data Breaches that will Affect Credit Unions in 2021

As we start 2021, it’s a good time to reflect on what we learned in 2020. With SMEs preparing themselves for the next normal in 2021, we identified some major data breaches that happened in 2020 that will have implications for credit unions in the near future. In early 2020, it was reported that CUNA’s systems were knocked offline due to a ransomware attack.

synopsys

What is the cost of poor software quality in the U.S.?

The total cost of poor software quality in the U.S. is estimated at $2.08 trillion. Learn what contributes to the cost and how security can help minimize errors. Do it right the first time. That long-standing cliché is based on the premise that it almost always costs more to fix something built poorly than it does to build it correctly.

stackrox

CKS Certification Study Guide: Minimize Microservice Vulnerabilities

As we continue the study guide for the Certified Kubernetes Security Specialist (CKS) program, be sure to check out the information and content breakdown from our previous CKS posts. This blog references tools to set up a Kubernetes version 1.19 cluster and review the CKS - Cluster Setup section.

teramind

5 Reasons Every Company Needs to Be Ready for a Compliance Audit in 2021

In many ways, 2020 was a year of reckoning for data privacy on the internet. After more than a decade of enthusiastically embracing a “freemium” model in which consumers traded copious amounts of personal data for access to digital platforms, many are adopting a rapid about-face. Now, privacy is essential, and stakeholders are taking notice. To date, it’s clear that many companies see this as an obstacle, not an opportunity.

Why choose Egress for your placement year?

Welcoming new students into Egress each year is always one of the most exciting times for everyone across the business. For your university placement, you’ll gain a unique insight into what it’s like at one of Britain’s fastest-growing technology scale-ups. This year, we’re offering a diverse selection of business and technical 12-month placement roles, to be taken as part of your undergraduate degree in our Sheffield and London offices.

alienvault

What is a software-defined perimeter and how does SDP work?

A software defined perimeter (SDP) establishes virtual boundaries around Internet-connected assets and user activity through an integrated security architecture approach. SDP works regardless of whether assets reside on-premises or in the cloud, or whether users are on-site or working remote. Rather than relying on hardware like firewalls or VPNs at the network boundary, SDP leverages software to prevent any access to or even visibility into resources within the virtual perimeter by default.

tripwire

NIST SP 800-128 - Because Patching May Never Fix Your Hidden Flaws

Over the last few years, the idea of patching systems to correct flaws has graduated from an annoying business disruption to a top priority. With all of the notorious vulnerabilities that can wreak total havoc, the time it takes to patch becomes a minor inconvenience when weighed against both the technical challenges and possible regulatory penalties of not patching.