Business decision-makers are inundated today with messages about the importance of digital transformation and innovation. If you want to stay ahead of the competition, you're told, you need to take full advantage of the cloud, move to microservices, replace your VMs with containers and so on. Yet what often gets lost or overlooked in those conversations is the digital risk that goes hand-in-hand with digital transformation.
This blog was written by an independent guest blogger. Historically, the idea of artificial intelligence (AI) saturating our world has been met with suspicion. Indeed, it’s one of the more popular tropes of science fiction — learning machines gain sentience that helps them take over the planet.
Mergers and acquisitions (M&A) enable companies to add products and services to their portfolios, giving them a way to scale their business. To gain true visibility into a company’s long-term impact on your organization’s bottom line, you need to understand all assets and liabilities, including digital ones.
Machine learning is a loaded term. While machine learning offers amazing potential for advancing technologies, it often gets used as a marketing buzzword describing glorified pattern recognition. So it becomes increasingly difficult to know if the application of machine learning to existing technology is going to break new ground or sell more licenses. That’s the problem that Frank Fischer, Product Marketing for Snyk Code, explores in his RSAC 2021 talk ML in SAST: Disruption or Distraction.
This is the third in a series of posts examining the recent Devo research report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, which is based on a survey conducted by Enterprise Strategy Group (ESG). This time, we’ll take a look at the cloud-computing security challenges Cloud Evangelists face. Let’s begin by explaining how we define that group.
Black Duck Rapid Scan enables developers to check for security or policy violations without disrupting the development process. When the first software composition analysis (SCA) tools made their entrance into the market, their focus was on license compliance. As open source grew in popularity, SCA tools expanded to include vulnerability management, helping to reduce the attack surface for organizations leveraging open source.
MySQL brands itself as the world’s most popular open source database. As popular as MySQL is among developers and SQL enthusiasts, it is equally popular amongst hackers. Misconfigured server access, overprivileged roles, and weak authentication schemes are the most common security issues in MySQL deployments. While the access control features MySQL provides are adequate at the SQL level, managing access at the operational level (which accounts exist, from which hosts they may connect, and which server-level rights they hold) is error-prone.
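One way to catch the three problems named above (wildcard or anonymous accounts, overprivileged roles, and server-level rights such as FILE or SUPER that reach beyond the SQL layer) is to audit the output of `SHOW GRANTS` for every account. The script below is an added example, not code from the original post; it parses both the MySQL 5.7 quoting (`'user'@'host'`) and the 8.0 quoting (`` `user`@`host` ``), and the accounts in the sample are constructed.

```python
"""Audit MySQL accounts from SHOW GRANTS output.

Added example, not code from the original article. Collect the input on the
server, for instance with:

    mysql -N -e "SELECT CONCAT('SHOW GRANTS FOR ''', user, '''@''', host, ''';')
                 FROM mysql.user" | mysql -N

The sample at the bottom is constructed; the account names are invented.
"""
import re
from dataclasses import dataclass

# Rights that reach beyond the SQL level: FILE reads and writes files on the
# server host, SUPER and SYSTEM_VARIABLES_ADMIN reconfigure the server,
# PROCESS shows other sessions' statements, GRANT OPTION hands rights on.
DANGEROUS = {"ALL PRIVILEGES", "FILE", "SUPER", "SYSTEM_VARIABLES_ADMIN",
             "PROCESS", "SHUTDOWN", "GRANT OPTION"}

GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"[`'](?P<user>[^`']*)[`']@[`'](?P<host>[^`']*)[`']"
    r"(?P<opt>\s+WITH GRANT OPTION)?",
    re.IGNORECASE,
)


@dataclass
class Finding:
    account: str
    issue: str


def parse_grant(line):
    """Return (user, host, scope, privileges) for one GRANT line, else None."""
    m = GRANT_RE.match(line.strip().rstrip(";"))
    if not m:
        return None
    privs = {p.strip().upper() for p in m.group("privs").split(",")}
    if m.group("opt"):
        privs.add("GRANT OPTION")
    return m.group("user"), m.group("host"), m.group("scope").replace("`", ""), privs


def audit_grants(show_grants_output):
    """Flag anonymous accounts, wildcard hosts, dangerous and global privileges."""
    findings = []
    for line in show_grants_output.splitlines():
        parsed = parse_grant(line)
        if parsed is None:
            continue
        user, host, scope, privs = parsed
        acct = f"'{user}'@'{host}'"
        if user == "":
            findings.append(Finding(acct, "anonymous account"))
        if host in ("%", ""):  # an empty host also means "any host"
            findings.append(Finding(acct, "reachable from any host"))
        risky = sorted(privs & DANGEROUS)
        if risky:
            findings.append(Finding(acct, "dangerous privilege(s): " + ", ".join(risky)))
        real = sorted(privs - {"USAGE"})  # USAGE is the "no privileges" placeholder
        if scope == "*.*" and real:
            findings.append(Finding(acct, "global (*.*) scope: " + ", ".join(real)))
    return findings


# Constructed sample: one sane application account next to several bad habits.
SAMPLE = """\
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION
GRANT USAGE ON *.* TO 'app'@'10.0.1.%'
GRANT SELECT, INSERT, UPDATE, DELETE ON `shop`.* TO 'app'@'10.0.1.%'
GRANT SELECT, FILE ON *.* TO 'report'@'%'
GRANT USAGE ON *.* TO ''@'localhost'
"""

if __name__ == "__main__":
    for f in audit_grants(SAMPLE):
        print(f"{f.account:24} {f.issue}")
```

The `'app'@'10.0.1.%'` account produces no finding: it is bound to one subnet and holds only table-level DML on one schema, which is the shape a least-privilege application account should have. Everything the audit does flag (`root` reachable from anywhere, a reporting account with FILE, an anonymous account) is an operational-level mistake that the SQL-level model happily allows.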
The pandemic has accelerated digital transformation and telework on a scale never seen before. Employees are working from anywhere and collaboration in the cloud has skyrocketed. But this new environment has expanded the cyber attack surface, putting critical U.S. infrastructure and the lives of citizens at risk. The recent slew of major cyber attacks, including SolarWinds, Microsoft Exchange and Colonial Pipeline, has moved cybersecurity improvements to the top of the agenda for the U.S.
2020 was a challenging year for modern enterprises. In under a year, we experienced a decade's worth of transformation while a global pandemic raged on. And while the worst of COVID-19 will hopefully soon be behind us, the need to continuously transform our digital environment is unequivocally here to stay. We've already seen an example of this, thanks to a significant increase in data generated from across the business.
At Elastic, we internally use, test, and provide feedback on all of our products. For example, the Information Security team is helping the Product team build a stronger solution for our customers. The InfoSec team is an extremely valuable resource that acts not only as an extension of Quality Assurance/Testing, but also as a data custodian.
Microsoft has discovered a new large-scale attack targeting Kubeflow instances to deploy malicious TensorFlow pods, using them to mine Monero cryptocurrency in Kubernetes cluster environments. Kubeflow is a popular open-source framework for running machine learning workloads on Kubernetes. TensorFlow is an open-source machine learning platform; Kubeflow schedules TensorFlow jobs as pods in the cluster, and that is the capability the attackers abused.
Ethics and compliance is becoming a burgeoning industry as an increase in government regulations in areas such as sustainability, diversity, and data privacy make compliance an important focus for companies. It’s especially important in tech companies as the ever-growing risk of cybersecurity breaches requires that security teams be vigilant in protecting sensitive data.
One of the worst things about ransomware attacks isn’t just the mayhem they cause as your data is encrypted by criminals and your business is put on hold — it’s not knowing when they’ll happen. But what if you had some advance notice about the next cyberattack before it hit? What if you could find out if your data was up for bid on the dark web?
A quality management system (QMS) is a system that documents the policies, business processes, and procedures necessary for an organization to create and deliver its products or services to its customers, and therefore increase customer satisfaction through high product quality. In short, a QMS helps a company meet its regulatory requirements and customer requirements, and make continuous improvements to its operations.
Audit procedures are the processes and methods auditors use to obtain sufficient, appropriate audit evidence to give their professional judgment about the effectiveness of an organization’s internal controls. Internal controls are the mechanisms and standards that businesses use to protect their sensitive data and IT systems; or as a means of providing accountability on financial statements and accounting records.
These days, it’s not a matter if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 543 sites comprising 11.4 billion accounts. This includes well-known names like Wattpad, MySpace, and Facebook. This is an 84% increase in the number of sites and a 115% increase in the number of accounts from when I published the first version of this article in 2018.
ZenGRC Platform Designated ‘Leader’ and ‘High Performer’ by Users SAN FRANCISCO – June 29, 2021 – Reciprocity, a leader in information security risk and compliance, today announced its ZenGRC® platform was recognized as a Leader in G2’s Summer 2021 Grid for GRC Platforms, and as a High Performer in the Third Party & Supplier Risk Management category.
PCI compliance isn’t just good for customers; it’s also good for business. Merchants that fall short of PCI compliance standards not only put their customer data at risk, they also may face hefty fines. The PCI Compliance Guide reports that fines and penalties can range from $5,000 to $100,000 per month for the merchant.
Attackers have long used phishing emails with malicious Microsoft Office documents, often hosted in popular cloud apps like Box and Amazon S3 to increase the chances of a successful lure. The techniques being used with Office documents are continuing to evolve. In August – September of 2020, we analyzed samples that used advanced techniques like: In January 2021, we examined samples that use obfuscation and embedded XSL scripts to download payloads.
Since launching in 2015, MITRE’s ATT&CK framework has been the cybersecurity industry standard for understanding cyber-attacks and their kill chains. Now the BLADE framework is set to develop a similar understanding of business logic attacks fueled by malicious bots. In this post, we will look at why MITRE ATT&CK is so important and examine why BLADE is needed now more than ever.
Following on from my previous post on testing for PHP Composer security vulnerabilities, I thought this post might be useful in helping create more secure applications that prevent PHP code injection. As developers, we build apps to help make end users’ lives easier. Be it an entertainment, workplace or social-network application, the end goal is to protect the users we build for by ensuring we build security into the code.
“Speed is the new currency of business.” Chairman and CEO of Salesforce Marc R. Benioff’s words are especially potent today as many organizations small and large look for ways to speed up production during their shifts to digital. In software development, speed is a critical factor. Everything from shifting priorities to manual processes and siloed teams can seriously impede deployment schedules.
Many of us start our day by logging in to a desktop. However, few of us think of this seemingly mundane activity as the sole control protecting crucial corporate information. Employees' workstations are a prime target for malicious actors for obvious reasons: any unauthorized access to a company laptop or desktop can immediately put sensitive data at risk and can easily cause a chain reaction with devastating consequences.
Dropbox is known for being a convenient file sharing and storage tool. For over a decade, Dropbox has allowed teams to collaborate cross-functionally by providing a single source of truth. With files being managed and synced to a central location, teams can work together without issues of version control. Even in a post-Google Drive and OneDrive era, Dropbox remains important, as not everyone uses the same productivity suites.
Sometimes the hardest part of any project is getting started. But when it comes to strengthening your security operations program, the escalation of cyberattacks over the last few months have shown us there’s no time to waste. You need to make sure you’re leveraging threat intelligence throughout your security operations to understand your adversaries, strengthen defenses, and accelerate detection and response.
Security and IT teams may be loath to admit it, but security has historically been mostly a reactive affair. Security engineers monitored for threats and responded when they detected one. They may have also taken steps to harden their systems against breaches, but they didn’t proactively fight the threats themselves. That is changing as more and more teams add threat hunting as one pillar of their cybersecurity strategies.
On June 28, we announced new features within Forward Enterprise that help security engineers spend less time on reactive tasks so they can be more proactive. Why would a networking company expand into the security space? Good question. Let me share some of the reasoning that led to expanding deeper into this space, and why I am excited about it.
Since we’ve accumulated a lot of resources around EventSentry that are updated frequently, we’ve decided to launch a GitHub page where anyone can access and download scripts, configuration templates, screen backgrounds and our brand-new PowerShell module that is still under development.
The cloud landscape is rife with unsafe URLs and inappropriate content. This—coupled with the accelerated adoption of cloud applications in the workplace—has created an urgent need to scrutinize and control the use of these online resources to prevent data theft, exposure, and loss. This blog elaborates on how a robust URL filtering solution can help manage what cloud services your employees use and how they interact with these services.
Appknox, a leading enterprise mobile application security solution provider, has announced a partnership with ioXt, a global standard for IoT security and for the standardization of security, privacy, and compliance programs. Through the alliance, Appknox will hold its clients to a Security Pledge that focuses on the security of stakeholders and devices in the IoT environment.
Over the past year or so, organizations have rapidly accelerated their digital transformation by employing technologies like cloud and containers to support the shift to IoT and address the expanding remote workforce. This digital shift calls for a new approach to asset visibility as traditional asset administration responsibilities like inventory, software support, and license oversight are often the purview of IT and addressed with IT inventory-focused tools.
Last year was a tough one for schools, local, and state governments. Not simply because of COVID-19, which forced every local government and school to navigate a pandemic, but also because the pandemic brought with it a different set of dangers. While local governments and schools were trying to figure out remote learning, remote work, and how to run public meetings safely and effectively online, cybercriminals took advantage of the fact that the remote world is new to most small governments.
Digital transformation is at the heart of every industry. There are no longer any industries that are immune to the rapid adoption of this movement. When we think of the construction industry, we may think back to an image of ironworkers sitting over a city and enjoying a lunch break on a construction beam. However, rapid digitalization has transformed the construction industry and will continue to drive change and encourage innovation.
The Australian Cyber Security Centre (ACSC) strongly advises against paying ransoms of any amount to cybercriminals. In some circumstances, these payments could even be illegal. The Australian government is tightening its cybersecurity regulations to align with the United States' new stance on nation-state threats. As a result, there have been significant changes to how Australian businesses are expected to respond to cyberattacks.
In our continuous pursuit to help businesses reduce the blind spots in business metrics, we have come up with yet another feature that will prove to be the richest source of financial data: the SMS TxN Extractor. SMS was believed to be a dead market until people began to understand its reliability. Beyond reliability, texts are quick and cost-effective, and the results can be analyzed very quickly.
As anyone who has built or introduced a new project or product knows, success doesn’t happen overnight. It takes time and patience. When we first started the Open Policy Agent (OPA) project in 2016, we didn’t just spend all of our time on code — a lot of it was spent building awareness around the project and the community. As OPA started gaining traction, we were encouraged every time we’d hear a developer talk about OPA at a conference or mention it in a blog post.
Our latest edition of “Sitdown With a SOC Star” brings us Reid Gilman, a longtime security operations practitioner (11+ years at MITRE as a lead cyber engineer and 2+ years at Boston Children’s Hospital as a security engineer and architect) who recently launched his own venture. Reid has a passion for helping organizations build maturity, but as you’ll find out, most businesses need to make sure they are sorting the fundamentals first. Please enjoy 11 questions with Reid.
Creating a secure software development life cycle can lower risk, but security must be embedded into every step to ensure more secure applications. On May 6, 1937, the Hindenburg airship burst into flames while docking, causing 35 deaths and bringing the airship era to a sudden close. In hindsight, it seems tragically obvious. Fill a giant bag with highly flammable hydrogen gas and trouble is bound to follow.
The percentage of open source code in the enterprise has been estimated to be in the 40 percent to 70 percent range. This doesn't make the headlines anymore, but even if your company falls in the average of this range, there is no dearth of work to do to clean up, comply with AppSec policies, and ship the product. Phew! So where do you start when it comes to resolving all the vulnerabilities uncovered in your open source libraries?
Businesses love stability. Yes, they love profits too, but those come when markets are consistent. Unfortunately, the world doesn’t always work this way – things change, markets are volatile, and you must know the risks in trying to stay on a straight path across a moving landscape. Businesses that survive (and thrive) have one thing in common: the ability to be nimble.
I recently hopped on the Endpoint Enigma podcast to talk about virtual private networks (VPNs) and how they’ve been extended beyond their original use case of connecting remote laptops to your corporate network. Even in this new world where people are using personal devices and cloud apps, VPN continues to be the go-to solution for remote access and cloud access. After my conversation with Hank Schless, I was inspired to put some additional thoughts about VPN on paper.
EU representation isn’t a new thing – it’s a core component of the GDPR – but it has become something that UK companies need to be aware of post Brexit. Up until 31st December 2020, UK companies didn’t need to worry about having an EU representative, as the UK was a part of the EU. Now things have changed, and many UK businesses need to find an EU data representative in order to maintain compliance with EU GDPR.
We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow raising, positive “can’t quite believe you’ve done that” very-impressed nod of the head. That’s never more true than with our security customers.
It should come as no surprise that Gartner estimates that by 2025, three-quarters of large organizations will be actively pursuing a vendor consolidation strategy , up from approximately one-quarter today.
Cybercriminals use ransomware to block organizations from accessing their critical business data and to extort ransoms. Data encryption protects data wherever it resides: files that are already encrypted are worthless to the attacker if they are stolen, because the ransomware operator can neither read them nor credibly threaten to leak them. Encryption does not, however, stop the malware from encrypting those files a second time, so a good data backup and restoration strategy, together with a DRM solution, remains the key factor when companies want to respond to ransomware attacks. These allow companies to restore the data encrypted during the attack.
I recently had the pleasure of speaking with CrowdStrike CTO Michael Sentonas for Episode 47 of our The Hoot podcast series. Michael has 20+ years of cybersecurity experience and played a lead role in the Humio acquisition so it was great to get his take on why CrowdStrike acquired Humio and how the acquisition will help customers. Michael also shared some of his thoughts on the latest security trends, current chip shortage and news of the day.
Most businesses today understand that cybersecurity should be a central part of their operations. Still, more often than not, professionals view security as an extra feature, something to add on after settling everything else. This has been the predominant approach for years, and it’s part of why so many companies find themselves vulnerable. Rising cybercrime has made the need for change increasingly evident, and many companies are responding.
The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the sixth in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. Throughout this series, we repeat that the data center is just one more place people and data have to go—it’s no longer the center of attention.
In our recent webinar featuring Netacea’s Head of eCommerce, Tom Platt, we explored the rising threat of loyalty point fraud and how businesses can reap the benefits of loyalty schemes while staying protected from attacks and retaining customer loyalty. Watch the full webinar on demand or catch up on the takeaways here.
Open source software audits can identify undetected issues in your codebase. Learn how our audit services can help you understand the risks during an M&A. Most of our clients understand that an open source software audit differs from an automated scan. An audit involves expert consultants analyzing a proprietary codebase using a combination of Black Duck® commercial tools and tools we’ve developed and use internally.
Google Drive is one of the oldest and most well known cloud storage and productivity suites. Although Google Drive launched in 2012, Google’s productivity platform dates back to 2006, when Google Docs and Google Sheets first launched. Over the years, Google would more closely integrate these services before moving them under the Google Drive and G Suite brands. Today, Google Drive and Google’s entire suite of collaborative tools are referred to as Google Workspace.
The goal of system hardening (or security hardening) is to reduce the attack surface: lowering security risk by removing potential attack vectors. By removing superfluous programs, accounts, functions, applications, open ports, permissions and access rights, you leave the underlying system with less to attack, making it harder for attackers or malware to gain a foothold within your IT ecosystem.
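Before anything can be removed it has to be found, and two of the cheapest inventories on a Linux host are the accounts that can open a shell and the services listening on every interface. The script below is an added example, not code from the original post: it reads `/etc/passwd` and the output of `ss -Hltn` (both as text, so it runs offline) and reports what needs a justification. The sample inputs at the bottom are constructed.

```python
"""Attack-surface audit helpers for a Linux host.

Added example, not code from the original post. It reads two things you already
have on the box, /etc/passwd and the output of `ss -Hltn`, and reports the
accounts and listening services that need a justification or should go.
The samples at the bottom are constructed.
"""
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false", "/usr/bin/false"}
ANY_INTERFACE = {"0.0.0.0", "*", "[::]"}
LOOPBACK = {"127.0.0.1", "[::1]"}


def parse_passwd(text):
    """Yield (name, uid, shell) for each well-formed passwd line."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue
        yield fields[0], int(fields[2]), fields[6]


def login_accounts(passwd_text):
    """Accounts that get an interactive shell (an empty shell field defaults to /bin/sh).
    Each one is a credential that can be guessed or reused, so each needs a reason to exist."""
    return [name for name, _uid, shell in parse_passwd(passwd_text) if shell not in NOLOGIN_SHELLS]


def extra_root_accounts(passwd_text):
    """A second UID-0 account is a superuser nobody asked for, a classic backdoor."""
    return [name for name, uid, _shell in parse_passwd(passwd_text) if uid == 0 and name != "root"]


def parse_listeners(ss_text):
    """(local address, port) for each LISTEN row of `ss -Hltn`."""
    rows = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _sep, port = fields[3].rpartition(":")
        if port.isdigit():
            rows.append((addr, int(port)))
    return rows


def exposed_ports(ss_text):
    """Services bound to every interface: the part of the host the network can touch."""
    return sorted({port for addr, port in parse_listeners(ss_text) if addr in ANY_INTERFACE})


def loopback_only_ports(ss_text):
    """Services already restricted to localhost; the shape the others should move to."""
    return sorted({port for addr, port in parse_listeners(ss_text) if addr in LOOPBACK})


def audit(passwd_text, ss_text):
    return {
        "login_accounts": login_accounts(passwd_text),
        "extra_root_accounts": extra_root_accounts(passwd_text),
        "exposed_ports": exposed_ports(ss_text),
        "loopback_only_ports": loopback_only_ports(ss_text),
    }


# Constructed samples: a stock-looking passwd with one stray UID-0 account, and
# an `ss -Hltn` listing with a mix of exposed and loopback-only services.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
games:x:5:60:games:/usr/games:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/sh
mysql:x:112:118:MySQL Server:/nonexistent:/bin/false
deploy:x:1000:1000::/home/deploy:/bin/bash
toor:x:0:0::/root:/bin/bash
"""

SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 4096 *:111 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 511 [::1]:6379 [::]:*
LISTEN 0 4096 0.0.0.0:9100 0.0.0.0:*
"""

if __name__ == "__main__":
    for key, value in audit(SAMPLE_PASSWD, SAMPLE_SS).items():
        print(f"{key}: {value}")
```

To run it against a live host, pass `open("/etc/passwd").read()` and `subprocess.check_output(["ss", "-Hltn"], text=True)` to `audit()`. Every entry in `login_accounts` and `exposed_ports` is a decision: lock the account (`usermod -s /usr/sbin/nologin`), or bind the service to loopback or a firewall-restricted interface, unless someone can say why it must stay.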
Many things can slow down the development and deployment of a project. But one of the most significant issues is also wholly manageable: code bloat. Bloated code occurs when the runtime environment contains code it never uses, such as libraries or service binaries, which adds inefficiency and, because every unused component can still carry vulnerabilities, widens the attack surface.
It is nearing the mid-year point of 2021, and already it can be characterized as “the year of the breach.” Many companies and institutions saw their security perimeters pierced by hackers, including the mega-breaches of SolarWinds and the Colonial Pipeline. The scale of penetration and exfiltration of data by hackers and the implications are emblematic of the urgency for stronger cybersecurity.
Regardless of your industry, regulatory compliance is an important component of ongoing success. Staying on top of your compliance obligations can be challenging, and a strong compliance management program will require a compliance management system.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Who would be silly enough to try and connect to a weird looking Wi-Fi hotspot? Well, try to resist, because if you have an iPhone you will break it and, TL;DR, you will need to do a factory reset to fix it…
Security controls can be physical or virtual: policies, training, techniques, methodologies, action plans, devices and customised solutions used to avoid, detect and prevent intrusions and to minimise the security risk to an individual's or organisation's proprietary information systems.
Visibility within an application security (AppSec) program is key to accountability. CISOs and executive leaders can’t expect to hold developers and product lines responsible for security when these professionals don’t have the comprehensive insight needed to properly assess risk and security gaps.
Tablets and mobile devices have become an essential part of our daily lives, especially as 5G expands and remote work continues. This means these devices hold some of the most sensitive information that is tied to our digital identity. Today, I’m excited to share that we have expanded our consumer partnership with NTT DOCOMO to include identity monitoring and protection for DOCOMO’s subscribers across Android and iOS devices.
Security investments require executive buy-in. Learn what key development motivators can help justify your security program updates. As development speeds increase exponentially, organizations often struggle to introduce or maintain security practices capable of keeping pace. Additionally, security teams can find it difficult to get the top-down buy-in and support they need for a security overhaul.
The Financial Times hosted an excellent event recently, at which I joined Naina Bhattacharya, CISO for Danone; Manish Chandela, Group CISO for Unipart and Florence Mottay, Global CISO for Ahold Delhaize, to discuss cloud security. The FT’s Dan Thomas moderated and the panellists all shared some excellent and candid insights into cloud threats and security strategies within their organisations.
Another memo, another leaky cloud app compromising the personal information of hundreds of thousands of individuals (and yes, you can easily guess the app that exposed the data so no spoiler alert needed—it was an S3 bucket). The latest organization to join the long list of victims of cloud misconfigurations is Cosmolog Kozmetik, a popular Turkish online retailer that exposed more than 9,500 files, totaling nearly 20 GB of data.
It’s easy to get lost in product categories in security these days. And XDR (eXtended Detection and Response) is a new addition to the landscape, which makes people wonder – what exactly is that? We’ve previously held that XDR and SIEM are effectively the same thing, although many vendors and Gartner analysts would probably disagree.
Gartner forecasts that worldwide public cloud end-user spending will grow 23% to USD 332.3 billion in 2021 as cloud technologies become mainstream. As cloud computing architectures continue to become more prevalent, “cloud native” has become a popular buzzword. But what exactly does “cloud native” mean and what impact does it have on security? How exactly do you secure all these cloud native applications?
Today we are happy to announce that Teleport has been included as a Cool Vendor in Gartner Cool Vendors in Identity-First Security report. “We believe Teleport’s inclusion in the Identity-First Security Report by Gartner is confirmation that Teleport solves a huge problem of accessing cloud-native resources that traditional PAM tools did not,” said Ev Kontsevoy, co-founder and CEO of Teleport.
Software performance issues come in all shapes and sizes. Therefore, performance tuning includes many aspects and subareas, and has to adopt a broad range of methodologies and techniques. Despite all this, time is one of the most critical measurements of software performance. In this multi-part series, I’ll focus on a few of the time-related aspects of software performance — particularly for security software.
I recently had the pleasure of chatting with Michigan State University Network Security Engineer David Graff for Episode 46 of our Hoot podcast series. MSU uses Humio for SecOps log management so it was great to get his first-hand perspective on how Humio helps the security team improve visibility and streamline forensics.
Recently Blackberry analyzed a new GoLang Remote Access Trojan (RAT) named “ChaChi.” This sample was interesting in that it tunnels information over DNS as its preferred command and control (C2) mechanism. We downloaded two PCAPs from the malware samples at the following VirusTotal links: If you download these PCAPS* and you run them through Wireshark, you will see DNS traffic matching the explanation in the BlackBerry blog.
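Seeing the tunnel in Wireshark is one thing; catching it in a DNS log without a sample in hand is another. The script below is an added example, not code from the BlackBerry analysis or the original post. It scores each registered domain on the traces an encoded C2 channel leaves behind: long subdomains, high-entropy subdomains, a fresh name for almost every query, and record types (TXT, NULL) that carry bulk data downstream. The log format, the client address and the `c2.example.net` domain are all constructed.

```python
"""Spot DNS-tunnelling command and control in DNS query logs.

Added example, not code from the BlackBerry analysis or the original post.
Log format, addresses and domains below are constructed; c2.example.net is a
hypothetical attacker domain.
"""
import math
import re
from collections import Counter, defaultdict

# Constructed log format: <timestamp> <client> <qtype> <qname>
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<qtype>[A-Z]+)\s+(?P<qname>\S+)$")


def shannon_entropy(s):
    """Bits per character; encoded payloads score high, dictionary words low."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return m.group("src"), m.group("qtype"), m.group("qname").rstrip(".").lower()


def split_name(qname):
    """(registered domain, subdomain labels). Assumes a two-label registered
    domain; real traffic needs the Public Suffix List (co.uk and friends)."""
    labels = qname.split(".")
    return ".".join(labels[-2:]), labels[:-2]


def profile(lines):
    """Aggregate per-domain counters that the scoring below reads."""
    stats = defaultdict(lambda: {"queries": 0, "subs": set(), "chars": 0, "entropy": 0.0, "bulk": 0})
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        _src, qtype, qname = parsed
        domain, labels = split_name(qname)
        sub = ".".join(labels)
        s = stats[domain]
        s["queries"] += 1
        s["subs"].add(sub)
        s["chars"] += len(sub)
        s["entropy"] += shannon_entropy(sub.replace(".", ""))
        s["bulk"] += qtype in ("TXT", "NULL")  # record types that can return large blobs
    return stats


def suspicious_domains(lines, min_queries=5, min_avg_len=30, min_entropy=3.5,
                       min_unique=0.8, min_bulk=0.5):
    """Domains that trip at least two of the four signals (thresholds are starting points)."""
    flagged = []
    for domain, s in profile(lines).items():
        n = s["queries"]
        if n < min_queries:
            continue
        avg_len, avg_ent = s["chars"] / n, s["entropy"] / n
        unique, bulk = len(s["subs"]) / n, s["bulk"] / n
        reasons = []
        if avg_len >= min_avg_len:
            reasons.append(f"average subdomain length {avg_len:.0f}")
        if avg_ent >= min_entropy:
            reasons.append(f"average subdomain entropy {avg_ent:.2f} bits")
        if unique >= min_unique:
            reasons.append(f"{unique:.0%} of queries use a never-seen subdomain")
        if bulk >= min_bulk:
            reasons.append(f"{bulk:.0%} TXT/NULL queries")
        if len(reasons) >= 2:
            flagged.append((domain, reasons))
    return flagged


_ALPHA = "abcdefghijklmnopqrstuvwxyz0123456789"
SAMPLE_LINES = [  # constructed: ordinary lookups from one client ...
    "2021-06-24T10:00:01 10.0.0.5 A www.example.com",
    "2021-06-24T10:00:02 10.0.0.5 A www.example.com",
    "2021-06-24T10:00:03 10.0.0.5 A mail.example.com",
    "2021-06-24T10:00:04 10.0.0.5 A api.example.com",
    "2021-06-24T10:00:05 10.0.0.5 A www.example.com",
    "2021-06-24T10:00:06 10.0.0.5 A cdn.example.org",
] + [  # ... then eight TXT queries whose leftmost label carries one encoded chunk each
    f"2021-06-24T10:01:{i:02d} 10.0.0.5 TXT {_ALPHA[i:] + _ALPHA[:i]}.s7.c2.example.net"
    for i in range(8)
]

if __name__ == "__main__":
    for domain, reasons in suspicious_domains(SAMPLE_LINES):
        print(domain, "->", "; ".join(reasons))
```

The scoring is deliberately per registered domain rather than per query, because a single long TXT lookup is ordinary (SPF, DKIM, DMARC) while hundreds of unique, high-entropy names under one domain are not. Expect benign noise from CDNs and anti-virus cloud lookups that also use long, unique subdomains; an allowlist for those, and the Public Suffix List in `split_name`, are the two changes needed before pointing this at production logs.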
The report, Disjointed and under-resourced: Cyber security across UK councils, is based on analysis of Freedom of Information (FOI) data supplied by more than 60% of borough, district, unitary and county councils.
Technology evolution is the only constant in our lives these days. Sometimes, an existing approach can go a long way in addressing problems, while other times, a new approach needs to be adopted to get the work done. Let’s talk about vulnerabilities; internal networks and software can be riddled with loopholes, which can expose them to breaches and data leaks, paving the way for hackers to have an easy ride.
Credential abuse and compromised user accounts are serious concerns for any organization. Credential abuse is often used to access other critical assets within an organization, subsidiaries, or another partner corporation. Once an account is compromised, it can be used for data exfiltration, or to further promote the agenda of a threat actor.
To ensure Outpost24 stays at the forefront of cybersecurity technology we conduct regular research into new innovations, and LEXIS High Performance Computing (HPC) is one of them. Outpost24 was instrumental in bringing “Security-By-Design” and “Zero-Trust” principles to the creation of the secure LEXIS Cloud-HPC-Big Data platform, and in this blog we explore the zero-trust fundamentals around which the LEXIS portal has been designed.
In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid millions of dollars to a ransomware group in order to regain access to their systems. U.S.
In this post, I’ll answer one question: Have we reached the tipping point for cloud proliferation? According to the report, the answer is yes. ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe in Q1 of this year.
While organizations are spending a good deal of money protecting their data against unauthorized access from the outside, malicious insiders may pose no less harm. According to the 2021 Data Breach Investigation Report [PDF] by Verizon, 36% of all data breaches experienced by large organizations in 2020 were caused by internal actors. For small and midsize businesses, it was 44%.
If you’re a Java developer that wants to develop your applications more securely, you’ve come to the right place. Snyk can help you with that mission. This article will explain how to begin with Snyk for secure Java development so you can be more secure from the get-go. If you’re new to Snyk, it’s important to know that we offer a variety of developer-focused products and tools. Some of these tools, like our CLI and some IDE integration, support multiple products.
In the past three posts we talked about IAM: identities in IAM, managing user privileges as an IT person, and controlling privilege boundaries. We also talked about how applications use an AWS Cognito Identity Pool to obtain temporary AWS credentials for accessing AWS resources, in the earlier posts “What I wish I could have learned before starting using AWS Cognito” and “Authentication and authorization with AWS Amplify under the hood”.
One of the most common misconceptions about cybersecurity is that the responsibility and ownership sit solely on the shoulders of the CISO and the security team. The common assumption is that anything related to cybersecurity, whether a security issue or a security initiative, resides with the security team and the Chief Information Security Officer (CISO). Phishing attacks? That’s a problem for the security department. Vetting vendors and third parties? That belongs to the vendor management team.
Phishing schemes are always evolving. This past year, email thread hijacking took phishing to new depths of subterfuge as criminals hid in plain sight within existing conversations. But no matter how well cybercriminals have refined their messaging or counterfeited legitimate logos and branding, the one constant has always been their delivery method: email. Until now. Online chat services have become a new target for cybercriminals to introduce documents loaded with malware into organizations.
For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. All of these factors are preventing security operation centers (SOCs) from operating at their full potential, with increased efficiency, performance and speed.
In February 2020, a Time Magazine headline declared, “The Coronavirus outbreak has become the world’s largest work-from-home experiment.” Over a year later, that experiment has been a resounding success for companies and employees who found abundant upsides to less rigid workplace expectations.
AT&T Alien Labs recently analyzed the Linux version of the Darkside ransomware, one of the most active ransomware families in the last quarter. Shortly after hitting Colonial Pipeline, Darkside developers announced they would be closing operations.
Insurance companies know how to protect their clients’ homes, cars, and businesses, but protecting the personal information of those customers is a bit harder to assure. While the insurance industry focuses on risk-based analyses for its own underwriting programs, firms also need to apply those same risk management processes to securing customer information.
A SOC 2 system description outlines the boundaries of a SOC report. It contains pertinent details regarding the people, processes, and technology that support your product, software, or service. As a reminder, the SOC framework stands for System and Organization Controls. It is a broad architecture that organizations can use to audit the internal controls of vendors and business partners before entering a relationship with those firms, to assess whether those firms have a robust security posture.
Everything evolves. Simply stated, the gradual development of something from a simple to a more complex form is what evolution is all about. When something ceases to evolve, yet still exists, it becomes classified as a living fossil. One example is the Ginkgo Biloba tree. It took millions of years for this evolution to cease. This all happened without any help from humans.
When it comes to evaluating technology in the home, there seems to be no shortage of new devices and shiny gadgets, mainly part of the Internet of Things (IoT), to discuss. Unfortunately, there seems to be no shortage of security issues to consider regarding these same devices, either.
Most organizations have already begun their shift to the cloud. In its Cloud Computing Survey 2020, for instance, International Data Group (IDG) found that 81% of respondents had at least one workload or segment of their computing infrastructure in the cloud. That percentage could grow by the end of the year, as IDG found that 32% of total IT budgets will go to cloud computing—up from 30% in 2018.
If you have ever considered how hackers and other cyber attackers on the internet use different paths to harm systems and software, you already know a bit about what application risk means. While understanding the essence of risk—and what it can do to the business—is critical, it’s also important to visualize how the notion of security risk is impacted and affected by other areas of threat and vulnerability.
Eight vulnerabilities were discovered in Zephyr’s Bluetooth LE stack using the Defensics Bluetooth LE fuzzing solution.
Capital One Financial Corporation is the nation’s largest direct bank. They have a well-earned reputation as a data and tech pioneer in the financial services industry and have long been progressive in setting a bold agenda around digital and tech transformation. This has meant operating years ahead of most enterprises in moving to the cloud, scaling in-house engineering workforce and adopting agile, microservices, open source and a modern data ecosystem.
SSL and TLS are two encryption protocols that provide security for communication over the internet. The SSL protocol has been around for many years, but both are still widely used today. Why is this? The answer is simple: these protocols work well to encrypt data sent between a client and a server, which can be very important in protecting sensitive information such as credit card numbers or passwords. But what really sets them apart from each other?
Today, we published the open source edition of our annual State of Software Security report. Solely focused on the security of open source libraries, the report includes analysis of 13 million scans of more than 86,000 repositories, containing more than 301,000 unique libraries. In last year’s open source edition report, we looked at a snapshot of open source library use and security.
In an effort to significantly improve the cyber resilience of Australian businesses, the Australian federal government is mandating compliance across all eight cybersecurity controls of the Essential Eight framework. This is an ambitious move that may be burdensome to the many entities still struggling to comply with just the top four controls of the Essential Eight.
Research from Gartner suggests that, by 2023, more than 60% of the world’s population will be covered by some form of personal data protection legislation. From GDPR to CalPRA, privacy regulations are on the rise. These compliance regimes aim to protect a user’s rights to their data — which, in practice, means that businesses need to implement more effective approaches to security.
If our friends Security and Networking were on Facebook, they would probably both list their relationship status as “It’s Complicated.” Sometimes everything’s great, but now and then things can get a little weird, unclear, or uncomfortable. At many organizations, there has traditionally been a barrier between the security and networking teams. Each team has its own objectives — and at times, those objectives can be at cross-purposes.
There’s an old expression: When you’re a hammer, everything looks like a nail. Therefore, is it right for a security company such as Devo to consider all data to be security data? Let’s examine that concept. Recently I participated in a panel discussion at the GDS Security Insight Summit Europe with my colleague Dean Robertson, who heads solution engineering for Devo in EMEA.
The Biden administration released a new executive order for cybersecurity on May 12, 2021. Although many know the overarching message of the executive order, it’s also important to know the specific details outlined in each section.
Insider threats remain one of the biggest issues plaguing cybersecurity. A study by Ponemon shows that the costs of insider threats leaped 31% in just two years, from $8.76 million in 2018 to $11.45 million in 2020. The same report shows that it takes companies an average of 77 days to contain an insider threat incident. Forrester predicts that insider threats will cause 31% of data breaches by the end of 2021, up from 25% in 2020.
Digital transformation changes the perimeter. When organizations had all their applications on-premises, the network firewall kept the right users inside the gate and malicious actors outside. However, the move to the cloud changed all that. In today’s hyper-connected ecosystem, understanding the components and types of access control can help you strengthen security.
To say that the past year presented its fair share of cybersecurity challenges to the InfoSec community would be a drastic understatement. The rapid migration to remote work at scale left 80% of CIOs unprepared, and SecOps teams struggled to confront the evolving threat landscape with disparate toolkits and skill sets. Not to mention that as more organizations shifted to hybrid and multi-cloud environments at scale, cloud complexity (and cloud-based threats) skyrocketed.
By implementing these vulnerability assessment and vulnerability management best practices you will reduce the attack surface of your infrastructure. We’re human, and many things we build aren’t perfect. That’s why we take our cars for a periodic inspection, or why we have organizations certifying that products are safe to use. Software is no different.
Endpoint security is a hot topic of discussion, especially now with so many businesses shifting to remote work. First, let’s define what endpoints are. Endpoints are end-user devices like desktops, laptops, and mobile devices. They serve as points of access to an enterprise network and create points of entry that function as gateways for malicious actors. Since end-user workstations make up a huge portion of endpoints, we’ll be focusing on their security.
In an ambitious leap towards improving the Nation’s security posture, President Joe Biden has instituted an Executive Order to improve cyber threat information sharing between the U.S. Government and the private sector. The goal is to align cybersecurity initiatives and minimize future threats to national security by modernizing cybersecurity defenses in the United States.
The European Union’s General Data Protection Regulation applies to any organization that operates in the EU or that collects or processes the personal data of EU citizens. So if a business in the United States (or anywhere else in the world, for that matter) does handle such data — yes, the GDPR can apply to you. That said, the exact compliance requirements will vary depending on the size of your company and how you process and store the applicable data.
Third-party risk management (TPRM), also known as “vendor risk management,” is the process of managing risks introduced to your business by your organization’s vendors, suppliers, contractors, and service providers. Any outside party that plays a significant part in your company’s ecosystem or supply chain is considered a third-party vendor.
Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%) said it wouldn’t take them longer than a day to spot an attack. It was the same story a year later when Tripwire surveyed infosec professionals in the retail sector.
The Fourth of July is just around the corner and many Americans are looking to celebrate their holiday with family and friends. “Grillin’ and chillin,’’ as it’s come to be known, is an industry. But what if the prices of meat spiked overnight or, worse still, if there was no meat available on supermarket shelves? And what if consumers learned that this disruption could have been prevented if meat producers had secured their supply chains with modern technology?
Artificial intelligence (AI) and machine learning (ML) systems have become the norm for using client data to provide recommendations to customers. As more people are working from home and conducting business online, it is imperative that fraud detection software is used to protect user information. But these protective systems also utilize ML to automate the process and understand when a potential attack is taking place.
When your customers want help, ticketing systems provide the first line of communication between your company and your customers. Solving a problem or resolving an issue for your customers often requires collecting a lot of information and context throughout the support interaction. Especially today, these interactions can be captured through a myriad of channels including but not limited to messaging apps, SMS, social media, help centers, forums, bots, video conferencing, and more.
In a nutshell, application security (AppSec) testing is the process of ensuring software is built to be as resistant as possible to outside threats. When applications are secured through effective testing methods, weaknesses and vulnerabilities in the source code and third-party components can be easily identified, managed and actioned before the software is deployed.
Snyk is excited to announce the general availability of Snyk Container as an officially supported and published extension in the AWS CloudFormation Registry! The CloudFormation Registry lets you manage the extensions that are available for use in your CloudFormation account. Public third-party extensions, like Snyk Container, are made available in the registry for use by all CloudFormation users alongside those published by Amazon and must be activated before use on your account.
Good data governance can go a long way toward reducing business risk. If your content and your data are secure, you’ve eliminated danger to your customers’ information and secured your proprietary information. From a digital perspective, you’re ahead of the game. But data governance shouldn’t be your only concern.
Cloud-based solutions have become essential to how we work and play in the digital era. Many organizations continue their rapid embrace of cloud-based solutions to enable their employees the flexibility to work from anywhere. Cloud spending this year could hit $332 billion, up 23% from 2020, according to a forecast by Gartner, Inc. The cloud has raised our expectations regarding productivity as organizations view the cloud as a true engine of competitive advantage.
Many businesses are shifting workloads to the cloud in an effort to increase efficiency and streamline workloads. In fact, according to the Flexera 2021 State of the Cloud Report, roughly 90% of enterprises anticipate cloud usage will expand even further as a result of COVID-19. While cloud computing can offer organizations a competitive advantage, it is important not to rush into cloud adoptions without understanding the risks involved as well.
The University of California at Davis is an agriculturally focused university of more than 30,000 students. Founded in 1905, the university performs federally funded research for the U.S. Department of Defense, U.S. Department of Agriculture, and other agencies. It’s also home to an electric power substation, police and fire departments, and even an airport. All of this combined is a digital security challenge for Jeff Rowe, the university’s cybersecurity architect.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. With various incident response reports showing intruders can be around for a long time before acting, this report of an 8-second exposure really brings home what someone can get if the opportunity presents itself.
Following a string of 83 data breaches in 2019 alone, the United States Department of Defense (DoD) established the Cybersecurity Maturity Model Certification (CMMC). The CMMC framework is a unified national standard for improving cybersecurity. Companies in the defense industrial base (DIB) must implement CMMC requirements in order to win contracts. Read on to find out how you can achieve compliance.
This is the third of three blogs in a series to help the energy and utility industries. You can read the first blog on Ransomware and Energy and Utilities and the second blog on Threat Intelligence and Energy and Utilities as well.
For organizations that work in or partner with the healthcare industry, HIPAA compliance is of paramount importance. Keeping a patient’s medical records and personal information safe isn’t just a matter of avoiding penalties. It’s also key to building trust with patients and, ultimately, providing great patient care. Here’s what health organizations and their partners need to know about PHI and keeping it secure.
We are delighted to announce that Netacea has won an award at the 2021 Global Business Tech Awards for our innovative Intent Analytics™ cybersecurity solution! After winning the UK Business Tech Award for Best Application of Tech – Security in 2020, we set our sights on the global awards this year. We are over the moon to have been recognized with the title of Best Application of Tech – Security, this time on the international stage!
SecurityScorecard’s Investigations & Analysis team conducted an investigation into the details surrounding the USAID.gov attack. As has been previously reported, the attack has been potentially attributed to the organization commonly known as Cozy Bear, but our investigation found that the campaign is likely much larger, and began much earlier than has been reported.
Threat hunting is emerging as a must-have addition to cybersecurity strategies. By enabling organizations to find and mitigate threats before they ever touch their networks or systems, threat hunting provides the basis for a more proactive security posture – and one that delivers higher ROI on security tools and processes. How can businesses actually add threat hunting to their security arsenals? That’s where solutions like Sumo Logic's Cloud SIEM come in.
A Virtual Desktop Infrastructure looks like a great match on paper. What’s not to like? You know where it is on Friday night, with your apps and data on your servers, not cruising the internet or making out on someone’s BYOD. It seems safe since it forces web access through the ‘house’ security stack and requires an ID check at the front door. It can be exclusively available only to users on your network via VPN, SD-WAN, or local network connection.
Blockchains are not new – they have been around since 2008. A blockchain is simply a distributed database or ledger technology, which stores and manages files of information into groups of data – so-called blocks – which are cryptographically signed and linked together to form a chain. Hence blockchain. Each block also contains a record of exactly when it was created to produce a complete timeline history, which cannot be corrupted, lost or changed.
Mobile application penetration testing methodology, as a security testing measure, analyses the security perimeters within a mobile environment. Derived from the traditional concept of application security methodology, its main focus lies on client-side security, and it broadly puts the end user in control. By conducting penetration testing, companies can gain insights into the source code’s vulnerabilities, bottlenecks, and attack vectors beforehand.
Corporate cybersecurity professionals must be on constant alert to avoid the wide range of cyberattacks that can be thrown at them today: malware, ransomware, trojan horses, social engineering, and spear-phishing attacks, to name just a few. Among the most serious of attacks is the advanced persistent threat (APT). An APT is an attack that uses sophisticated methods to gain access to information systems and sensitive information.
Considering the threats posed by the digital world, organizations today must think about security and the way it affects their software. With business outcomes and revenue on the line, setting up and running an effective application security (AppSec) program is no longer just nice to have—it’s imperative. Practitioners need to identify vulnerabilities in their applications to prioritize risk and mitigate risk, a goal that can only be achieved through comprehensive AppSec testing.
The vast majority of today’s applications are made up of open source components. The 2021 “Open Source Security and Risk Analysis” (OSSRA) report, conducted by the Synopsys Cybersecurity Research Center (CyRC), found that 75% of the 1,500+ codebases analyzed were composed of open source. Understanding what’s in your codebase is essential, and for M&A transactions it’s one of the key drivers for performing software due diligence.
The exploitation of traditional remote access technologies is reaching new records. That, in a nutshell, is the main finding of Nuspire’s Threat Landscape Report Q1 2021. The report, sourced from 90 billion traffic logs during Q1 2021, looks at a range of events such as malware activity, botnet activity, exploitation activity, and remote access. The remote access section probably best illustrates the risks posed by the sudden shift to remote working.
We’re excited to announce the launch of support for AWS CloudFormation in Snyk Infrastructure as Code. In our recent Infrastructure as Code Security Insights report, we found that 36% of survey participants were using AWS CloudFormation (CF) as their primary infrastructure as code tool of choice. Using Snyk Infrastructure as Code, you can now scan your CF YAML or JSON templates against our comprehensive set of AWS security rules.
The combined, specialized efforts of ForgeRock and Accenture in digital identity for healthcare, especially during a global pandemic, have provided a unique perspective. The unexpected digital transformation journey that the healthcare industry has taken from pre-pandemic to current day is staggering. Along with the front-line workers, the healthcare IT and digital experience teams that quickly made digital access and telehealth care available to the masses deserve our thanks.
A couple of weeks ago The Payments Canada SUMMIT gathered more than 2,000 delegates from financial institutions in Canada and around the world for a virtual one-week conference. INETCO was a sponsor of Canada’s premier payments event. Our team participated in industry discussions, met peers, and learned more about future innovation opportunities in the financial ecosystem. 2021 was a record-breaking year for The Payments Canada SUMMIT.
The many business benefits made possible by digital transformation are undoubtedly making waves across industries. Data is the raw material that drives smarter decision-making, and as such, drives value for organizations, but things quickly get challenging when you start to consider how all that data will be used—and who has access to it, when.
The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the fifth in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. Now that your organization is smarter about its traffic, able to see what’s going on, and able to enforce policies to secure its data, you can realize the promise of a remote-first workforce.
The data privacy regimes in Russia, China, and the United States are very different from the regimes elsewhere. The financial lure of selling to, or processing data on, EU residents is strong, which has led other countries to adopt the General Data Protection Regulation (GDPR) or something like it. Russia, China, and the United States are large enough for other forces to dominate, including the desire to have their citizens’ data stored locally, as we’ll see.
Companies generate data at an exponential rate, and the task of analyzing data to produce relevant security insights can be overwhelming. With evolving market dynamics and threat landscapes, security teams have a greater need for integrated and scalable monitoring that provides real-time and meaningful insights into the state of organizational security posture.
DevSecOps is a team effort. Learn how to build security into DevOps to deliver secure, high-quality software faster using SAST and SCA software solutions. Modern software development is more of everything: more code, in more languages, on more platforms, with more deployment options. DevOps demands automation to maximize velocity and continuous improvement throughout process feedback. All this more also means more security risk.
In the cybersecurity field, Zero Trust is becoming a widely used model. Data breaches taught organizations to stay cautious regarding security, especially when it comes to information protection - and a Zero Trust model may be the best option. Nobody, including clients inside the firewall, should be trusted, per Zero Trust. Internal threats are a huge concern. And for many attackers, penetrating the barrier is a simple operation, thanks to easy access to leaked credentials.
It’s the stuff of IT managers’ nightmares and it is coming to a server near you: ransomware attacks, phishing schemes, privacy breaches, and other yet-to-be imagined cyber threats aiming to pilfer the sensitive data stored on your IT systems. Cybercriminals target large companies like Microsoft, Equifax, Expedia, and Barnes & Noble just to mention a few big victims from 2020.
Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls, simplified some wording, removed duplicate requirements, and created an abstract for each of the security measures.
Cryptocurrency and blockchain are two of the hottest trending topics in the financial and tech worlds, with interest in Bitcoin, Ethereum, XRP and even Dogecoin exploding in recent years. This growing interest in cryptocurrencies has made them a target for fraudsters. But it’s not just the popularity of crypto trading that has criminals chomping at the bit. The nature of blockchain currencies makes them highly susceptible to fraudulent activity.
Use of cyber threat intelligence in a security operations center is essential to attaining a strong security posture. Since cyber threat intelligence is that important, understanding its general framework is also vital.
Many people will have heard of the SPDX project through the work on the SPDX License List. This list of canonical identifiers for various software licenses is used in a huge range of developer-focused software, from Snyk to GitHub. But the SPDX project, which is part of the Linux Foundation, has a much broader focus on providing an open standard for communicating software bill of material information.
There are a lot of challenges one might face when trying to identify the best SAST tool for your team. But how do you measure something that is meant to find unknowns? How do you know if the tool is appropriate for your needs? How do you compare different tools? It’s no wonder that we often get asked, “Does Snyk Code have coverage for the OWASP Top 10?” followed by “How do you suggest we evaluate and compare different SAST tools?”
Software supply chain breaches are headline news right now, and they’ve even been given an honorable or, more accurately, a dishonorable mention in the White House’s recent Executive Order on cybersecurity. But the software supply chain is not new. In fact, it’s been around since the mid-’80s, and so has the risk. The software supply chain contains all the software components needed to create and deliver a fully functional software product.
At Netskope, one of our core values as a company is that customers are always our number one priority. We know that technology projects are rarely easy undertakings and it’s our job to be there for our customers and for them to know we have their backs. With that in mind, we are excited to announce that Netskope has been recognized as a Customers’ Choice in the June 2021 Gartner Peer Insights ‘Voice of the Customer’: Secure Web Gateway.
Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This price tag was even greater for organizations located in the United States and operating in the healthcare industry at $8.64 million and $7.13 million, respectively. What’s behind this price tag, you ask?
Do you remember a time when you were amped up to buy that new pair of shoes, or any special item online – only to have your credit card or other payment information (which you know is real), declined? All of that time spent browsing, selecting, getting off of your couch to find your credit card, entering payment information wasted? You are not alone!
We alluded in one of our previous posts that the development team will own a lot of responsibility defining application related resource access control, simply because the dev team owns the infrastructure as code (IaC) responsibility themselves. No matter how security-savvy and security-educated a development team is, the central security team still needs some control, some kind of “trust but verify”.
One of the key reasons SecurityScorecard commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) Study was to help the market move on from using spreadsheets as a Vendor Risk Management (VRM) tool. The primary reason for IT teams to look at SecurityScorecard or any other VRM automation platform is simple. It will help IT teams get better leverage on their two rarest commodities in the security world: time and talent.
As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).
Businesses need to act now to survey their supply chain, developing the capacity to anticipate and respond to supply chain risks, minimizing the impact and optimizing opportunity. In March, the world witnessed a curious scene. A container ship longer than the Empire State Building became lodged in Egypt’s Suez Canal, creating an incredible spectacle as heavy construction equipment and a fleet of tug boats tried to dislodge the vessel from the canal walls.
The recent ransomware attack on Colonial Pipeline is reportedly one of the most significant cyberattacks on the energy sector to date, and it has overwhelmed cybersecurity experts across the globe.
We asked Roger Bell, Head of Content, to tell us about the important work that happens behind the scenes to optimise the technology we use to deliver our ThreatDetect™ MDR service and protect our clients 24/7.
Industries most impacted in 2019 continued to be hard hit in both 2020 and so far in 2021, including healthcare, education and financial services. However, the greatest percentage increases occurred in industries that had been generally spared in 2019. The overall implication is that data attacks became broader and deeper during the pandemic, a trend that continues during the recovery.
Today, more organizations than ever use Open Policy Agent (OPA) as the de facto standard for policy enforcement across the cloud native stack. A graduated project from the Cloud Native Computing Foundation (CNCF), OPA has dozens of use cases — from Kubernetes guardrails, to microservices authorization, to infrastructure-as-a-service controls — that are leveraged by millions of users.
By Jonathan Leitschuh; Daniel Elkabes, Senior Security Researcher at WhiteSource; Ofir Keinan, Software Developer at WhiteSource. The latest Maven release 3.8.1 contains a fix to security vulnerability CVE-2021-26291. Detected and reported by security researcher Jonathan Leitschuh, the vulnerability affects over 100,000 libraries in Maven Central, according to the WhiteSource security research and knowledge teams.
Remote workforces accessing applications and data that are located anywhere is the “new normal.” Across the globe, organizations of all sizes are struggling to modernize their infrastructures to accommodate this new reality while accelerating their digital transformation initiatives.
Ransomware prevention measures such as securing your applications can help you avoid becoming the next target. Ransomware isn’t a new problem—not even close. It’s been around for more than 30 years. But like every element of technology, it has evolved. Instead of being an occasional expensive nuisance, it’s now a plague with existential implications for critical infrastructure—energy, transportation, food supply, water and sewer services, healthcare, and more.
Federated identity systems, such as Google Identity, bring security and convenience in the form of SSO for Internet or cloud applications. It is common to be prompted for authentication in order to grant various levels of access or permissions for applications ranging from Google Drive, Google Cloud SDK, Google Chrome plugins, Slack, Adobe, Dropbox, or Atlassian to numerous third-party apps.
We’re excited to share that we have enhanced our partnership with Atlassian. In support of this partnership, today we are releasing full availability of the new integration, which natively embeds Snyk into Bitbucket Cloud for security. The Snyk security integration is free and easy to set up with just a few clicks inside the Bitbucket Cloud product. For the first time, developers can consume information that was previously only available inside Snyk now within Bitbucket Cloud.
As an omni-channel customer service solution, Zendesk allows companies to meet customers where they are by providing a variety of options for customer support, intake, and management of the overall customer experience (CX) process.
The Anti-Phishing Working Group (APWG) has just released its Phishing Activity Trend Report for Q1 2021. The first findings are easily predictable; the dispersion of the workforce is pushing phishing attacks to new records: just in January 2021, the APWG detected 245,771 unique phishing sites, the highest number reported so far.
The responsibility for compliance with GDPR privacy laws, and the consequences of non-compliance, can vary greatly from one organization to another. Often it is not clear who is responsible for data protection – whether they are a “data controller” or a “data processor” – but here are some guidelines to help you determine which category your company falls into so that you can take the necessary precautions against breaches or other potential illegalities.
Are you a DigitalOcean vendor or user developing or deploying a Kubernetes application? You may want to preserve your cluster configuration and back up your persistent volumes to protect them from ransomware and accidental deletion, and to meet long-term retention policies. CloudCasa is the only data protection and disaster recovery solution that has been tested and certified as a 1-Click application with DigitalOcean Kubernetes and is available in their marketplace.
Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.
AT&T Alien Labs has observed the Mirai variant botnet, known as Moobot, scanning for known but uncommon vulnerabilities in Tenda routers, resulting in a considerable peak in our internal telemetry. The research associated with this peak resulted in the discovery of a malware hosting domain, providing several different Mirai variants, like Moobot and Satori.
If you are new to the security world, it is fair to ask yourself, “Isn’t access to data and systems always conditional? Isn’t it always granted to someone who has access to the credentials (ID and password)?” True enough, but in totality, the approach to managing access encompasses a broader spectrum of privacy policies. These policies include a mix of different strategies that can be applied based on an organization’s security vulnerabilities.
With the introduction of more data privacy laws, companies can use a data security strategy and framework to help them achieve better compliance. This is the second post in a data protection blog series that addresses how organizations can better protect their sensitive data. This blog post addresses data privacy laws, frameworks, and how organizations can create their own data security strategies and frameworks to achieve compliance with today’s data privacy laws and standards.
HTTPS is a way to transmit data securely over the internet, and it is important for both business owners and consumers. A website owner enables HTTPS on TCP port 443 to secure web pages, online transactions, email communication, and other types of data transfers on the internet.
While there may still be the occasional team that handles everything themselves, most software products are made up of a variety of services from different vendors. From data storage to customer management, third-party data processors are a nearly unavoidable part of any organization.
Slack has become one of the most integral platforms for businesses over the last decade, with more than 12 million users currently active. Despite its popularity, however, there are some Slack security concerns that linger from the platform’s 2015 security breach. Here’s what you need to know about Slack security and how to protect your sensitive information on the platform.
Snyk is a developer-first, cloud native security platform that scans for vulnerabilities across code, dependencies, containers, and infrastructure as code. Snyk does a great job of surfacing vulnerabilities in your codebase, but it can often be challenging to map these issues back to actual services and their owners. Fortunately, Snyk’s robust API can be used to tune Snyk to integrate into solutions designed to help engineering teams understand and improve their service-oriented architecture.
Businesses sit on massive, ever-growing piles of data. According to Dave Reinsel, senior vice president, IDC's Global DataSphere, 64.2 zettabytes (ZB) of data was created or replicated in 2020. And the amount of digital data created over the next five years will be greater than twice the amount of data created since the advent of digital storage. But data isn’t just growing, it is spreading to more applications, more users, and more devices than ever.
Devo recently published a new research report Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, based on a survey conducted by Enterprise Strategy Group (ESG). ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe. The survey took place in the first quarter of 2021. This is the first in a series of posts about the report.
The head of the UK’s National Cyber Security Centre has warned that ransomware has become the biggest threat to British people and businesses. In a speech being given today by Lindy Cameron, chief executive of the NCSC, to the RUSI think tank, she highlights the need for the ransomware problem to be taken seriously, and warns of the “cumulative effect” if society fails to properly deal with the rising threat.
Cybersecurity is more than “just” technology these days. With legislative bodies increasingly writing more laws, technology and legal terminologies have become more intertwined than ever before. As organizations build cyber risk strategies, they need to understand risk mitigation’s underlying goal. This is why understanding the difference between due care and due diligence is important to how you set your risk mitigation strategies.
Are you the type of person who loves the command-line? Is tab-complete your friend? Do you move faster on a keyboard than with a mouse? Then Phantom Slash Commands are for you!
It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.
You see the headlines, and perhaps, ‘thank goodness it wasn’t us’ flickers through your mind. An overly permissive web server exposes 100 million+ consumer credit applications, or an S3 bucket leaves hundreds of millions of user records open to the public. A nightmare scenario for any CISO and their cloud security team!
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In light of rising concerns over cloud cybersecurity, this week we explore the concept of confidential computing. The past year has seen strong adoption of cloud technologies due to accelerated digital transformation and a cloud-first approach in business.
Penetration testing, also known as “pen testing,” is an intentional, simulated cyberattack against your IT systems to find vulnerabilities and test the efficacy of cybersecurity controls. For example, penetration testers can use this tactic to improve web application security mechanisms such as firewalls. Pen testing might involve an attempt to breach access controls to gain access to a private network.
Yesterday, it was revealed virtually that Calligo won Channel Partner Insight’s North American MSP Innovation Awards 2021 Growth MSP of the Year. This was the third annual North American MSP Innovation Awards 2021, run by Channel Partner Insight, the transatlantic channel business publication.
Penetration testing is the cornerstone of any cyber security strategy, yet enterprises often don’t get an optimal outcome from their pen test engagements. In this blog I’ll be looking at the three main reasons behind this, and also suggesting an alternative way of working that could vastly improve security outcomes whilst also increasing business value.
In 2021, digital transformation has accelerated. At the tail end of the COVID pandemic, with companies remaining remote, the demand for cloud services in the enterprise is the highest it’s ever been. Healthcare organizations, which more directly encountered the acute challenges posed by the pandemic, were among the first to be shaped by the current wave of digital transformation.
As a cloud-native data loss prevention solution, Nightfall DLP can natively integrate with some of the most popular SaaS applications in order to protect against the proliferation of sensitive data in these environments. With our native integrations, Nightfall helps keep client data safe on apps including Slack, GitHub, Google Drive, Confluence, and Jira. But did you know that Nightfall also exists as a standalone DLP API?
‘Hoteling’ is the latest concept for business leaders developing hybrid work strategies. Numerous research reports have emerged highlighting that employees don’t want to return to the office full time. Buffer found that 94% of respondents who started working remotely during the pandemic would like to continue to work remotely some of the time for the rest of their career, and this figure jumps to 99% for those who worked remotely prior.
In a strong shortlist of seven finalists, Redscan took home a High Commendation in the Best Managed Security Service category for the second consecutive year. We were also a finalist in the Best Customer Service and Best SME Solution categories. The SC Awards recognises the people, products and services that exemplify the best solutions for customers in the security industry.
It is increasingly common to hear about cyber threats to energy and utility industries. These are malicious acts by adversaries that target our data, intellectual property, or other digital assets. All too often it seems as though energy and utility companies are put in a defensive position to battle it out with these cyber intruders. How can the industry switch to a more offensive position when it comes to understanding these threats?
Software as a service (SaaS) apps have reshaped the way we stay productive. By having everything easily accessible in the cloud, we are able to get work done from anywhere and on any device. But, as we know, this flexibility has also introduced security challenges, as your data is also easier to reach for malicious actors. This is why the purchase of a cloud access security broker (CASB) is never that controversial. Most organizations understand that cloud apps require additional protection.
As you go about the work of managing your IT environment, it’s likely that you already apply the Principle of Least Privilege (POLP, also known as “least privilege access”) — probably without giving this important concept a second thought. After all, not every employee in your company has admin rights on your website, or access to your financial accounts.
On January 20, President Joseph Biden issued Executive Order (E.O.) 13990 to help protect U.S. bulk power organizations. This Order enacted a 90-day suspension of E.O. 13920 which was set by the previous administration. The new executive order empowered the Secretary of Energy (“Secretary”) to publish new criteria around pre-qualifying vendors of electric equipment, as well as to devise rules for helping U.S. entities replace electric devices at risk of sabotage.
If you're an Australian business and confused about which cybersecurity frameworks you should be complying with, you're not alone. Unlike the United States, Australia currently doesn't have clear mandatory minimum cybersecurity standards for businesses. This is likely to change in the near future. The Australian government is being pressured to follow the United States' lead in lifting the nation's security posture.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. Kudos to the various organizations who pulled off an amazing sting. I’ve said this many times over the years, but I really mean it this time. THIS one has to be a movie!
As supply chain attacks continue to dominate headlines, software development teams are beginning to realize that package management can’t be taken lightly — the threats hidden under the hood are real. In this installment of The Source, we want to talk about the practices and tools that developers need to adopt in order to protect against supply chain attacks.
This is part 2 in a mini-series about the current paradigm shift in security towards a continuous security approach. Richard Carlsson, Detectify CEO, was on Enterprise Security Weekly to shed light on it and this article delves into the need for velocity to activate this strategy.
Get practical steps for MISRA and AUTOSAR compliance to improve code quality, safety, and security in automotive software. Recent advancements in the automotive industry include the development of autonomous driving systems, connectivity units, and digital cockpits and infotainment systems that improve the user experience.
90% of companies are on the cloud (Galov). That includes industries historically slow to adopt new technology, like Architecture, Engineering and Construction (AEC). However, recent economic and workplace disruptions have pushed AEC firms more aggressively into the public cloud waters - looking for cost-effective ways to access compute power, more efficiently process data, provide access to files and applications, and tap into advanced analytics to draw insights from and manage data.
Reducing the cost of application development without compromising on delivering great experiences to users sounds like a lofty goal. At ForgeRock we make it easy for you. Follow these three simple steps.
The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the fourth in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. This is when you’ll begin to put NG-SWG to work as you lay the foundation of your SASE. Fortunately, the capabilities needed to set things right are built into NG-SWG.
President Biden’s cybersecurity executive order from last month should cause little surprise for anyone following news headlines over the past year. The order is the U.S. Federal Government’s important response to a long list of incidents, starting with the SolarWinds attack and ending with a recent ransomware attack against Colonial Pipeline — the largest known attack against a US energy firm.