October 2021

Credenxia leaps into the future with Dock's API

Preparing to move towards a decentralized solution for creating and managing employee credentials, Credenxia is working with Dock to build a Proof of Concept (PoC) application to create, issue, manage, and verify credentials instantly. This PoC is now complete!

Introducing AT&T Managed Extended Detection and Response (XDR)

In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission.


Ethical hacker shares top tips to protect your attack surface

The underrated threat of domain takeover and hacking a firm’s internal and external attack surface can enable malicious actors to circumvent many advanced website protection mechanisms. However, Detectify Crowdsource hacker Jasmin Landry says that deploying an external attack surface management (EASM) system can help beef up your security before a malicious hacker wreaks havoc on your company. A common aphorism in cybersecurity is that there’s no such thing as perfect security.


Key Takeaways From the NIST Ransomware Risk Management Profile

Ransomware groups have generated so much damage that the United States Federal government has made it a top priority to thwart such efforts, including hosting a major international summit on the topic, setting up a ransomware task force and repeatedly urging organizations to improve their cyber resilience.


How does encryption remove risk for auditors?

For those in the security space or at C-level, you’ve likely seen a recommendation about how to manage encryption and corresponding keys. Or at least something about encryption needing further consideration. Chances are, if you’re reading this you have at least an interest in the topic and are researching relevant products.

Splunk SOAR Feature Overview: Apps

Splunk SOAR apps are the integration points between Splunk SOAR and other security technologies. Through apps, Splunk SOAR directs your other security tools to perform actions, such as directing VirusTotal to check file reputation or Cisco Firewall to block an IP. Splunk SOAR’s app model supports integration with over 350 tools and over 2100 different actions. All Splunk SOAR apps are available on Splunkbase.

Splunk SOAR Feature Overview: App Editor

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. With the Splunk SOAR App Editor, you can create, edit, and test apps all from one place, making the app development experience easier and faster than ever. We currently offer more than 350 premade apps that are accessible right now.

Sumo Logic recognized as a Leader in the GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR)

Everyone here at Sumo Logic is thrilled to announce our inclusion as a Leader and Outperformer in the 2021 GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR). We’re excited that our Cloud SOAR solution is getting this recognition and we’re confident that this is just the beginning. We are even more motivated to keep on innovating and molding Cloud SOAR into a solution that will pave the way for the future of the modern SOC.


Introducing the Security Visionaries Podcast

I am often asked what has changed and what will need to change most about cybersecurity in the next few years, especially as we come out the other side of a global pandemic that upended all kinds of plans. But let’s start by level-setting: the grand strategy for security—protect data—hasn’t changed. It’s the tactics that have changed, and more importantly, must continue to change.


Interested in a Career in Cybersecurity? These Tips Can Help Guide Your Journey

With the current global cybersecurity talent shortage just over three million, and the cybersecurity job market continuing to grow (31% in the U.S. by 2029), opportunities are plentiful for anyone interested in a career in cybersecurity. In support of this week’s Cybersecurity Awareness Month theme, “Cybersecurity Career Awareness,” I had an opportunity to speak with Dave Stromberg, ThreatQuotient’s Talent Acquisition Manager.


Snyk joins OpenSSF: Tackling open source supply chain security with a developer-first approach

I’m excited to share that Snyk has joined the Linux Foundation’s expanded support of the Open Source Security Foundation (OpenSSF) as a premier member alongside Microsoft, Google, Cisco, Facebook, Intel, VMware, Red Hat, Oracle, and others. As Snyk’s mission is to enable developers to develop fast while staying secure, we believe that this cross-industry collaboration is critical to the future of software development and improving the security of open source.


Mobile Premier League Implements ForgeRock to Support Growth for 85 Million Customers Worldwide and Counting

Sometimes you hear the term “explosive growth” when describing businesses, but that description doesn’t always ring true. In the case of Mobile Premier League (MPL), it does. In just three years, this India-based e-sports company has reached unicorn status, securing over 85 million global users. Valued at $2.3 billion, MPL currently offers 60+ games on its platform.


How to Write Crisp and Clear Security Operations Communications Before You Hit Send [Template + Infographic]

You send messages frequently. Text, chat and email: all day, every day. Something so commonplace risks complacency and developing bad habits. Plus, many people won’t give a second thought to cranking out a quick message, but when it comes to writing something you know you have to write – and which will have a wide audience – your tendency may be to freeze up (and break out into a cold sweat).

Free Webinar | What's new in PAM360

Digital keys and certificates are an important category of non-human privileged identities that encrypt web communications and facilitate identification and authorization of users to privileged systems. The latest version of PAM360 brings a plethora of digital key and certificate management capabilities to the table that help IT administrators track and automate the entire life cycle of digital identities from a single pane of glass.

Exchange Online Classification

Watch this quick tip that shows admins how Egnyte classifies sensitive content found in Exchange Online email repositories. Egnyte enables you to securely share content, by using links. But, we know that email attachments are also a common method for your users to send and receive sensitive information. Ensure you have full visibility into where all of your sensitive content resides by adding Exchange Online as a content source for email classification.

3 Ways Egnyte Helps Life Sciences Companies Leverage the Cloud

Life sciences companies increasingly rely on cloud computing environments to accelerate research. The cloud provides cost effective compute power, more efficient data processing, access to files and applications from anywhere, and advanced analytics tools to gain insights from data and manage it. But when a majority of that research is done by external contract research organizations (CROs) or in time zones on the other side of the world, that speed advantage can grind to a halt.

Lunch & Learn: Navigating Increased Transactional Risk Scrutiny

The list and severity of risks that can affect a transaction continue to grow, with cyber becoming an alarmingly difficult challenge for firms of all sizes. With tighter scrutiny around Regulations S-P and S-ID, a variety of disclosure obligations and new encrypted messaging apps, conducting proper cyber due diligence is imperative. However, will cyber diligence slow the deal? What are the implications for taking shortcuts?

Shared iPads at work: How MDM helps you get the most out of them

Many organizations allow their corporate devices to be shared by different employees, or hand them out to teams or departments on a rotating basis. Healthcare providers, logistics companies, retailers, and schools often deploy mobile devices that are shared to ease the device management process, cut down on inventory costs, solve issues arising from workspace changes, and efficiently manage contract employees and students.


6 Most Common Causes of Data Leaks in 2021

The trend of global data breach events is steep and still continuing to tilt upwards. According to the latest data breach investigation report by IBM and the Ponemon Institute, data breach costs in 2021 have reached a record high. Last year, the average cost was US$3.83 million, and this year it has peaked at US$4.24 million. Mitigating these events involves comprehensive management of the entire attack surface, including the third, and even fourth-party vendor network.


What is an Intrusion Detection System (IDS)? + Best IDS Tools

An intrusion detection system (IDS) is a software application or hardware device that detects vulnerability exploits, malicious activity, or policy violations. IDSs place sensors on network devices like firewalls, servers, and routers, or at a host level. Once the IDS detects any cyber threats, the system will either report this information to an administrator or a security information and event management (SIEM) system collects it centrally.


Hands-on domain password policy setup for Active Directory

Dealing with the massive architecture of client-server networks requires effective security measures. Everyone has become painfully aware of all dangerous fishes roaming around the pool of the network, trying to get access to the system. Having a weak password policy is a key vector for attackers to gain system access. However, admins can help protect password security of the wide-reaching network using Group Management Policy (GPO).


How HALOCAD addresses Data Security challenges across PLM and Multi-CAD integrations

Modern-day product development is highly complex. This is because industry competition has driven enterprises to focus mainly on their core competencies while they outsource other activities to their partner organizations specialized in such activities. Therefore, in today’s diversified global economy we find that almost all enterprises operate with their operations dispersed across internal productions and external partners.


How blockchain technology is disrupting the telecoms industry

Telecommunications has always been at the forefront of embracing disruptive technologies to create new business models and revenue streams, but the TMT sector is yet to harness the full potential of blockchain technology. Within the telecoms industry, blockchain has the potential to make a significant impact on everything from interconnects, partner management, identity management and mobile payments, as well as internal improvements to operations and automation.


Top 10 Spring Security best practices for Java developers

If you’ve reached this page, you’re probably familiar with Spring and its basic mechanisms already. From its inception in 2002, Spring has become one of the dominant frameworks to build any kind of web application in Java. Web applications usually are the biggest interface between a company and its users—both internal and external. When security is neglected at the developer level, applications can become very desirable targets to hackers.


Nightfall Achieves Compliance with SOC 2 Type 2 Standard

Nightfall, the leading cloud-native data protection platform, has successfully achieved Service Organization Control (SOC) 2 Type 2 compliance. Nightfall is the first cloud-native data loss prevention vendor to complete this certification and meet the American Institute of Certified Public Accountants (AICPA) criteria for managing customer data.


Top Email Security Gateway Services

With the ever-evolving landscape of email security services comes the ‘question’… ‘what are the top email security gateway services’? Our website analytics show that this term is searched for more regularly than most other general searches. A key indicator is that many top email gateway services brands have been tried and tested previously…market research is required to check for innovation – Is there anything you haven’t tried?


Take the Corelight challenge: Splunk's Boss of the SOC

Looking for some threat hunting and incident response practice that's more game than work? Check out the new Capture the Flag (CTF) challenges from Corelight, now available on Splunk’s Boss of the SOC (BOTS) website - just in time for .conf! Our two on-demand BOTS modules will show you how Corelight data in Splunk can accelerate your processes and help analysts spend more time analyzing and less time fumbling with queries and gluing together data sources.


Cybersecurity Awareness Month: 4 Ways to Tackle the Cybersecurity Skills Gap

The security skills gap continues to be a serious issue for organizations and there are no signs that things will get better soon. A June 2021 report by security professionals organization Information Systems Security Association (ISSA) and technology research firm Enterprise Strategy Group (ESG) finds the cybersecurity skills crisis continues on a downward, multi-year trend of bad to worse, and has impacted more than half of the 489 organizations surveyed.


Securing S3 bucket configuration and access with Snyk & Solvo

Solvo is empowering developers and DevOps engineers by enabling them to run their cloud infrastructure with least privilege access, at speed and scale. In this article, we’ll go through a workflow combining Solvo’s automatic platform with Snyk Infrastructure as Code (Snyk IaC) to create customized and secured access from a Lambda function to an AWS S3 bucket. This blog was originally posted on the Solvo website.


Four Dilemmas of a Troubled Financial Services Consumer

I opened my first bank account 25 years ago. Stepping into financial independence filled me with excitement, but also anxiety about all that I had to learn. A lot has changed since then, from the digitization of banking to the introduction of privacy and payments regulations in many parts of the world.


How to Identify and Classify High-Risk Third Parties

Today’s business landscape means having various business partners. From contractors to technology vendors, third parties are now part of everyone’s daily operations. However, with every new third-party you onboard, you also add a new risk. Supply chain attacks compromise your data, even if the third-party isn’t providing you a technology solution. To secure your data, you need to identify and classify high-risk third parties.


Salesforce Monitoring with Tripwire Configuration Manager

You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce? Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could lead to unintended risks if it is improperly configured.


What is virtual CISO? Benefits of a vCISO for your organisation

Cybersecurity is an ever-changing landscape, and it’s essential to have the right people on your team, like a virtual chief information security officer. This person can help you protect yourself from cyberattacks by building out cyber security programming, including infrastructure protection, data management, and customer privacy concerns.


Ad blockers: key tools in the fight against malware

A document sent to the US Congress published by Motherboard, the technology section of Vice, confirms that CIA personnel, the NSA and other members of the US Intelligence Community widely use ad blockers in their Internet browsers. This measure was adopted to remove the distraction of adverts on web pages for employees, but it provides additional protection against malware.


Splunk and Mandiant: Formidable Defense Against Attackers

The security landscape is ever-changing, intensified by more sophisticated threats, and an increasing number of employees working from home leading to an expanding attack surface. Security professionals are tasked with maintaining a secure environment against a plethora of threats, manifested in thousands of alerts and events that are generated by security controls every day.


Public vs. Private Cloud Security: What's the Difference?

Security in cloud computing is often a major concern among cloud customers, mainly because of the risk of losing sensitive data and the difficulties of enforcing the organization’s security policies. Despite cloud computing’s potential efficiency for storing and exchanging files, cloud security remains questionable. According to one report from Statista, 81 percent of respondents found security to be the most prevalent challenge in cloud computing today.


The state of mergers and acquisitions wheeling and dealing

The most recent Transaction Advisors M&A Strategy Forum was held (virtually) in September and offered a wealth of information about deal tactics and terms. Transaction Advisors promotes best practices in all facets of M&A. (Full disclosure: Synopsys is a sponsor of the forum; we find the content very relevant to our clients.)


How Fraudsters Are Exploiting Buy Now, Pay Later Providers

“Buy Now, Pay Later” (or BNPL) schemes are instant approval loans given at the point of sale on eCommerce websites. They are commonly seen on fashion websites, where shoppers are offered the chance to buy products right away and split the payment for their items over several months. Taking the FinTech world by storm in recent years, well-known BNPL providers include Klarna, Clearpay, Laybuy, Payl8r, Afterpay and Affirm.


Watch out for tenants living off your land

The cyberworld has witnessed and defended against several forms of attacks. Some of the most common ones known to disrupt a network include credential stealing, malware installations, worms and viruses, and insider threats. In order to execute these attacks successfully, attackers often use different tools and techniques. For instance, in a ransomware attack, an attacker may install malicious software to encrypt all the files and folders in your network and demand a ransom to recover the files.


How To Transition Your Team From DevOps To DevSecOps

DevOps has transformed the software development industry. The merging of development (Dev) and operations (Ops) teams has largely contributed to quick and effective software releases. The continuous evolution of the application security threat landscape requires organizations to integrate security into the DevOps culture. Thus, DevSecOps has emerged to extend the capabilities of DevOps and enable enterprises to release secure software faster.


8 Different Ways to Bypass SSL Pinning in iOS application

SSL Pinning is a technique that we use on the client-side to avoid a man-in-the-middle attack by validating the server certificates. The developers embed (or pin) a list of trustful certificates to the client application during development, and use them to compare against the server certificates during runtime. If there is a mismatch between the server and the local copy of certificates, the connection will simply be disrupted, and no further user data will be even sent to that server.


FBI warns of ransomware gang - What you need to know about the OnePercent group

The FBI recently published a warning stating that ransomware gang OnePercent Group has been attacking companies in the US since November 2020. This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email. Ransomware is then downloaded and the breach is underway.


Analysis of 80 million ransomware samples reveals a world under attack

Google has released a report taking a close look at the more than 80 million ransomware samples uploaded to its VirusTotal service in the last year and a half. Each day, approximately 150,000 ransomware samples were analysed by the free VirusTotal service after being submitted by suspicious computer users, and shared with the security community to enhance their threat intelligence and improve anti-virus products.


Curate and Share Threat Intelligence to Accelerate Security Operations

Over the last several months we’ve seen a tremendous uptick in cyberattacks. Nearly every day, news of another ransomware, supply chain or zero-day attack makes headline news. So, what can organizations do to mitigate risk? One major step forward to improve security operations is to effectively share curated threat intelligence.


Community is the Key to Investor Funding for Open-Source Startups

Securing investors is always a challenge for startups. But for open-source companies, it’s even harder. Open-source companies need the right investors to innovate and enter new markets. But when you deal with a specific subset like open source, it can be difficult to find VCs with the required experience and knowledge. Those of us in the open-source community know it’s not just about the money — it’s also about continuing to grow the community.


Meeting Management Platform for the Insurance Market

Pandemic or not, insurance companies aim to securely and efficiently provide financial assurance to the population. To further support this goal, the insurance market has adopted hybrid workplace setup but is now facing challenges in selecting a digital solution that ensures high-level security, increases efficiency, and facilitates governance practices.


Snyk Code adds Go security scanning (beta)

Snyk Code was launched at the beginning of 2021, and since then it has come a long way in a short time. As a developer-first security tool, it offers an intuitive UI and CLI, embeds in popular IDEs, provides actionable fix recommendations, and scans with industry-leading, real-time speeds and high accuracy. On top of that, it’s all backed by ML-driven algorithms that learn from the global developer community, growing its robust knowledge base exponentially.


What is Fourth-Party Risk?

Outsourcing is a critical part of business management and an important ingredient in business growth. One business outsources some task to another — but that second firm can also delegate some of its own business processes to yet another company. That last company then becomes a fourth-party to the first. As the role of fourth-party vendors expands, having a vendor risk management strategy in place becomes key to organizational success.


What Are the Types of Audit Evidence?

If your organization is required to follow one or more compliance frameworks, an external third party may demand an audit to verify that your company has actually met those compliance standards. When an organization is undergoing an audit, it must provide audit evidence, such as financial statements, internal documents, logs, and emails. The auditor uses that evidence to reach a conclusion about whether or not the client organization has achieved compliance.


How Data-Centric Security Models Build Cyber Resiliency

A data-centric security model moves your cybersecurity away from protecting the place where your data is stored to focus instead on securing the data itself. With cloud computing, there no longer is a single perimeter within which to secure your sensitive information. By protecting the data itself, you assure that no matter where the data goes, your organization is protected against cyber threats.


Security vs. Compliance: Understanding the Differences

As cyberattacks continue to proliferate, it’s clear that organizations must be prepared from both cybersecurity and compliance standpoints. It’s critical, however, to understand that while data security and compliance are both important for risk management and the prevention and mitigation of cyber attacks, the two concepts are definitely not the same.


How to Manage Risk With Internal Control Monitoring

Strong, effective internal controls are crucial to developing an efficient operating environment that drives business growth. Good internal control activities can help organizations deliver value to stakeholders and achieve strategic objectives, while also assuring compliance with applicable laws, regulations, and industry best practices. This guide will take a deeper look into internal controls monitoring, along with suggestions for how to make the process easier.


[Infographics] Cybercrime In Numbers: How To Protect Your Organization

Cybersecurity attacks are increasing at an alarming rate every day. According to the Statista Cybercrime Incidents Report, over 29,000 cases were recorded in 2020, and the targets nowadays are small firms as well as large businesses, although in the past hackers were not interested in “small fish”.


Windows 11: Registry Keys, SMB Protocol, and SystemInfo

Windows 11 was released on October 5, 2021. It has several new installation requirements including, most notably, Secure Boot and a Trusted Platform Module. These features can provide a more secure computing environment, but if you need to virtualize a Windows 11 environment, you will need virtualization software that supports this.


4 Reasons Why Cybersecurity is Important in Banking

Organized cybercriminals are leaving traditional bank robbers in the dust. Nowadays, the banking sector’s most significant security concerns come in the form of online threats. Banks and other financial institutions process millions of transactions daily, with the majority of the transactions done via digital payment transfer platforms. For that reason, banks have become enticing targets for cybercriminals.


Secure Socket Shell (SSH) Key Management: Risks, Benefits, and 6 Security Best Practices

Protecting your sensitive data and other critical assets requires establishing secure access to them in the first place. Lots of organizations do this by protecting their remote servers and corporate systems with SSH keys. However, even SSH keys can be compromised and abused by malicious actors. In this article, we talk about SSH keys and their role in secure authentication processes as well as about the benefits of effective SSH key management.


4 Cost-effective Cybersecurity Solutions to Enhance Your Defensive Posture Today

October is Cybersecurity Awareness Month, which means that companies are once again surveying the threat landscape. They can’t like what they see. By July 2021, threat actors attempted more than 304 million ransomware attacks, surpassing the 2020 total just halfway through the year. At the same time, the number of phishing scams is soaring, and the cost of a data breach is more expensive than ever before, reaching $4.24 million, according to the most recent industry study.


What is Open Source Intelligence?

Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes. Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public.


What is a Cache?

A cache is a temporary data storage location that stores copies of frequently accessed data or files to provide faster access to software or hardware. Computers, mobile devices, web browsers, and other applications use cache to speed up data retrieval. Caches allow faster access to this data by removing the need to reload it each time the device/app needs it. Cached data is reusable and can be retrieved directly.


IAM 101 Series: What Is CIAM?

A customer identity and access management solution, or CIAM, is the foundation for building deeper relationships with your customers. Enterprise organizations rely on CIAM to acquire customers faster, deliver a great customer experience, and protect customer data. To learn more about how CIAM works, its benefits, and how it can help propel your business forward, keep reading.


SIEM use cases: the importance of bespoke threat detection rules

However, SIEM requires the effective application of use cases or threat detection rules to achieve its full potential. In the first of this two-part series, we outline the importance of SIEM use cases (or rules) and the limitations of relying upon those provided out of the box with SIEM platforms.


No Regrets Using Autoregress

If you’re like me, you’ve occasionally found yourself staring at the Splunk search bar trying to decide how best to analyze a series of data, iterating against one or more fields. If your brain gravitates towards traditional programming syntax, the first thing that pops into your mind may be application of a for or while loop (neither of which follows Turing convention in SPL). With commands like stats, streamstats, eventstats, or foreach at your disposal, which one should a hunter use?


Why access management needs to evolve beyond passwords

Access management is a key element of any enterprise security program. Using policies defined by IT administrators, access management enforces access rights across the network. It does this by designating which groups of users are allowed access to which applications and identifying which user attributes are required to access each application. Problems arise for businesses when they base their access management programs entirely around passwords, however.

Making the Most of Digital Risk Protection in Today's Threat Landscape

Hosted by Kroll and Redscan cyber risk experts, this webinar addressed digital risk protection (DRP) and shared impactful use cases for today’s threat landscape. Often classified as “dark web monitoring,” DRP can be merged with cyber threat intelligence services to not only track threats, but take action against threats happening outside of your network.

Protect sensitive data in customer conversations with Nightfall's Intercom DLP Scanner

Chat and messaging systems have helped customer experience teams expand and improve the services they offer through instant communications. As customers reach out to your business via platforms like Intercom, they can often share personal information like personally identifiable information (PII), credentials, email addresses, and credit card numbers (for PCI compliance) in their messages.


How and Why Egnyte Redesigned Its Core Configuration System

Configuration at scale is hard. At Egnyte, we’d developed a flexible system that was advantageous early on but put increasing stress on our engineers and processes as the company grew. And, being a cloud deployed software product, we needed to be able to serve all of its customers, which meant we had to come up with a solution that addressed our current challenges and set us up to support our future growth as well.

Ask SME Anything: What's the difference between Zero Trust and ZTNA?

Zero Trust and Zero Trust Network Access (ZTNA) are often mixed up. In this Ask SME (Subject Matter Expert) Anything Video, Netskope’s Jin Daikoku walks through how Zero Trust, as a principle, can guide your security strategy, and how a ZTNA solution fits under this principle to help enable your users and secure internal resources.

3 Things Every SOC Team Needs to Know About DevSecOps in a Cloud-Native World

It is one of the hottest buzzwords in the cybersecurity landscape not named zero trust. DevSecOps has grown in prominence as more organizations adopt a cloud-native approach to build and deploy applications faster, improve scalability and reliability, and emphasize continuous improvement.


CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collecting and regularly reviewing logs is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.


ISO 27001:2013 compliance with Sysdig Secure

The ISO 27001 certification can make a difference when your business is tied with deploying cloud-native applications. Providing relevance and credibility in front of potential customers will show that your company takes security seriously, ensuring the client’s trust. We previously covered other compliance frameworks in our blog, like GDPR, HIPAA, NIST, and SOC 2. Those frameworks also show a strong commitment to security best practices.

Embracing Developer-First Practices for the Cloud Era with Snyk Founder and President Guy Podjarny

In this video, Guy Podjarny, Founder of Snyk, discussed the importance of embracing developer-first practices for the cloud era. Guy also shared Snyk's unshakeable dedication to developer and security teams as well as its original vision.

CyRC Vulnerability Advisory: SQL injection, path traversal leading to arbitrary file deletion and XSS in Nagios XI

CVE-2021-33177, CVE-2021-33178, and CVE-2021-33179 are SQL injection, path traversal, and XSS vulnerabilities in the popular application, service, and network monitoring software Nagios XI.

Featured Post

An overview of the MSP industry in terms of IT management and security

A recent survey of IT professionals found that 59% of organizations have adopted managed service provider (MSP) services to oversee and monitor their network infrastructure. A quick glance at the MSP sector prompts the basic question: why do organizations outsource their IT control to service providers? The reasons include trimming costs associated with IT network maintenance and receiving better IT support for network issues when they arise. This corresponds to the definition of managed services; the MSP assumes an ongoing responsibility for 24-hour monitoring, managing, and problem resolution for the IT systems within a business.

Finding Patterns in the Chaos With User and Entity Behavior Analytics (UEBA)

There’s a great scene in the 1997 film “Contact” where the protagonist Dr. Eleanor Arroway, played by Jodie Foster, is informed that her lab’s funding has just been revoked. Arroway’s lab partner explained that the government lost faith in the project due to concerns of her engaging in questionable activities, such as watching static on TV for hours.


2020 Was the Year of the Phish. Let's Make Sure 2021 Isn't a Sequel

2020 was the year of the phish. Well, not officially. According to the Chinese Zodiac, 2020 was the Year of the Rat. But if you look at it from a cyberattack trends perspective, plenty of third parties reported a huge uptick in phishing attacks during 2020. The SANS 2021 Top New Attacks and Threat Report points to both the Microsoft Digital Defense Report 2020 and the 2021 Data Breach Investigations Report as key sources that validate phishing as the most common initial compromise vector.


Container security best practices: Comprehensive guide

Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and their consequences. According to the 2020 CNCF Survey, 92 percent of companies are using containers in production, a 300 percent increase since 2016. Thus, Kubernetes, Openshift, and other container technologies are present everywhere. But aren’t containers meant to be safe and isolated? Well, kind of.


Cloud Threats Memo: Defining the Latest Dropbox Threat

Who said that cloud services are only exploited by opportunistic cybercriminals? Researchers from Cybereason have recently discovered a new highly targeted campaign, dubbed Operation GhostShell, targeting the Aerospace and Telecommunications industries mainly in the Middle East, with additional victims in the U.S., Russia, and Europe.


Optimization is the CISO's COVID Endgame

When the COVID-19 pandemic descended on the U.S., companies took a no-holds-barred approach to maintain their operations. Employees up and down organizational structures were told to work from home, and IT teams were tasked with making that happen. The timeline was short, and approval processes moved quickly, which meant changes to network access and security were made more quickly, and in some cases more haphazardly, than in a “normal” situation.


Avoiding Cyber Security False Positives

Today’s organizations are vulnerable to all kinds of cyberattacks, which NIST (the National Institute of Standards & Technology) defines as an event that disrupts, disables, destroys, or maliciously controls a computing environment, destroys data integrity, or steals controlled information. Expert security teams know that attackers might compromise the enterprise network, systems, or applications; or steal data at any time through any number of means.


Top 5 Things People Hate About PAM

Privileged access management (PAM) solutions have been around in various forms for decades now. Whether you want a password vault, session management, reduced privilege or a combination of privileged management workflows, there’s been no shortage of vendors to choose from. So why does the thought of PAM still make admins shudder? Surely, it should be enjoyable to have a PAM solution humming along, reducing your organization’s risk while you, the admin, focus on your other duties.

CISO Dashboard

Help upper management understand KPIs for your security program. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

How to Change File and Folder Permissions (NTFS) in Windows

There are many cases where you will need to restrict your file or folder security to yourself or a certain group of users. For example, you can assign a specific folder on your computer where your home users can access music, images, or videos, or one at the workplace where users can access work files and documents, while restricting those users' access permissions to that group of files or folders rather than your whole computer system.


Fight the Phish! How DevSecOps Can Support the Effort

October is Cybersecurity Awareness Month, the U.S. government’s annual reminder that information security is something everyone needs to consider. Each week of the month has a specific theme, and this week’s topic should be of interest to every CISO: Fight the Phish! There are many layers of defense that organizations can put in place to mitigate phishing, and DevSecOps can be part of that effort. But more on that later. First, let’s look at the current phishing landscape.

Featured Post

3 ways to steer clear of ransomware attacks

It can be hard to react to and remediate ransomware attacks; by the time you realize you're under attack, you're already in damage control mode. The sheer number of ransomware attacks that take place isn't surprising. Though organizations across the globe have long been plagued by ransomware, the recent increase in hybrid work environments has led to a subsequent increase in cyberattacks.

Stories from the SOC - Data exfiltration

The impact of Data Exfiltration, which is the act of copying or transferring data from a computer or server without authorization, has increased over the years and it can be difficult to detect because data is transferred regularly for normal business purposes. If not monitored accurately, company data can be stolen without anyone being aware. Companies in every industry, no matter the size, have sensitive data that must remain private (e.g. PHI, PII, PCI).


What is Privileged Access Management (PAM)? Definition & Examples

As organizations migrate to the cloud and adopt more “as-a-Service” technologies, identity and access have become the perimeter. Remote workforces mean that limiting access according to the principle of least privilege is a fundamental security control. As part of securing applications and networks, organizations need to focus on users with privileged access because they pose greater insider and credential theft risks.


CloudCasa Launches Kubernetes Persistent Volume Backup with Simple Pricing, Automation and Secure Cloud Storage

Just in time for KubeCon + CloudNativeCon North America 2021, Catalogic Software launched the general availability of its premium service for CloudCasa, a powerful Kubernetes backup service that is easy to use, affordable and comes with a generous free service tier. With our Activate Your Kubernetes Backup Superpower theme at KubeCon, CloudCasa unleashes the backup superpower for DevOps and IT teams.


Seven new (and convincing!) phishing scams to watch out for

Cybersecurity would be so much simpler if criminal groups would stick to the same old tried and tested methods. Sadly, that’s never going to happen – they’re persistent and creative. Instead, cybersecurity teams need to keep up to date with the latest tricks in the criminal playbook. There’s no standing still when it comes to cybercrime.

Public Sector Cyber Security beyond the PSN

Recording of a Tripwire Q&A with Gary Hibberd, Professor of Communicating Cyber at Cyberfort Group. As ransomware attacks increase we discuss how the threat is only set to increase as attacks become increasingly sophisticated and government organizations and public bodies in the UK wrestle with the challenges and complexities of migrating securely from the PSN.

Contextualizing the Ransomware Threat Confronting OT Environments

Back in early June, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet discussing the rising threat of ransomware to operational technology (OT) assets. This development raises several questions. Why is ransomware a threat to OT environments? And what can organizations do to protect their OT assets against ransomware?


Breaking it Down: The Difference Between InfoSec Compliance Types

Compliance is an essential part of any business. From a corporate perspective, it can be defined as ensuring your company and employees follow all laws, regulations, standards, policies and ethical practices that apply to your organization. In the context of information security, it means ensuring your organization meets the standards for data privacy and security that apply to your specific industry.


Risk Control Measures That Work

Conducting a regular risk assessment is an integral part of any organization’s overall risk management program — and sometimes even a legal requirement, depending on your industry, contractual obligations, or the number of persons you employ. A risk assessment is the systematic process of identifying threats or hazards in your work environment, evaluating the potential severity of those risks, and then implementing reasonable control measures to mitigate or remediate the risks.


The Changing Role of the CISO

Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy person in the organization.


Weekly Cyber Security News 08/10/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. There was me at the early part of the week thinking not much earth shattering infosec the previous week and hoping for some excitement this week. And what happens? Yes something comes along. First being a happy day of no social media.


Staying sane in cybersecurity and dealing with burnout

World Mental Health Day is recognized annually on October 10. At Detectify, we witness the fast pace of cybersecurity each day and to keep up we sometimes need to slow down. We recognize the importance of mental health and this year, we asked Crowdsource hacker and founder of Haksec, Luke “Hakluke” Stephens, to share how he manages stress to avoid burnout as a cybersecurity professional.


What Happens When Facebook Goes Down?

On Monday, October 4, 2021, Facebook suffered a prolonged outage when, during routine maintenance, all connections to their global backbone network were mistakenly taken down. More details on the cause and response to the outage are available on the Facebook blog. At Netskope, we help secure the cloud and web traffic of millions of users worldwide. In this blog post, we provide a glimpse into what the Facebook outage looked like from our perspective.


User Entitlement Review Explained

The entitlement review definition is simple: a review of user access permissions and other rights. The goal of a user entitlement review is to ensure that each user in the IT environment has access to the data they need to do their job and nothing more — the principle of least privilege. A structured and regular entitlement review process helps mitigate security risks and protect sensitive data.


How to Observe Cybersecurity Awareness Month and #BeCyberSmart

Cybersecurity Awareness Month is now in its 18th year. Hosted by the CISA and National Cybersecurity Alliance (NCSA), the event’s goal is to raise awareness about the importance of cybersecurity and to ensure all Americans have the resources they need to keep their data secure. This year, Devo is one of the 2021 champion organizations for Cybersecurity Awareness Month.


How Hackers Exploit Passive and Active Attack Vectors

Learn about the methods cybercriminals use to exploit passive and active attack vectors so you can better protect your business or organization from cyberattacks. Cybercriminals will use any means they can to penetrate your corporate IT assets and exploit any vulnerabilities they find. Your ability to predict and prepare for these incidents could mean the difference between preventing a data breach and recovering from one.


The Different Types of Risk Assessment Methodologies

Risk is inherent to all businesses, regardless of your industry — and to prevent those risks from causing harm, you must first know what threats you are facing. The foundation of any successful risk management program is a thorough risk assessment, which can take many forms depending on what methodology best suits your needs.


Securing the edge with Zero Trust

The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved traditional network boundaries. Today, the network perimeter has evolved as workloads have moved to the cloud while non-managed, mobile devices have become the norm rather than the exception. The location of applications, users, and their devices are no longer static. Data is no longer confined to the corporate data center.


Is a verification solution necessary for startups?

The past two years have sure made everyone rethink and reimagine the way businesses must run. These years have been marked by resilience and reinvention. And, for many digital and digitally enabled startups, it’s been a year of remarkable growth. Almost all startups restructured their companies and significantly reduced costs. Many had to explore new distribution channels or new customer segments. Omnichannel consumer brands shifted completely online.


Ransom disclosure law would give firms 48 hours to disclose ransomware payments

Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross.


The Power of Data: Calendar-based Policy Enforcement

A problem that is often discussed in the context of policy-as-code is how to get more people other than developers involved in policy authoring. Policy as code is still code, and while tooling and abstractions can help to some extent, the process still involves at least some level of development knowledge.


Cybersecurity Awareness Month Isn't Just for Techies: Tips for Everyone

This month marks the 18th year of Cybersecurity Awareness Month (CSAM) which focuses on helping provide individuals with resources they need to stay safer and more secure online. Now, more than ever, the overarching theme “Do Your Part. #BeCyberSmart” should resonate with everyone.


Do you use SolidWorks? Here's how you can protect your CAD files leveraging your existing investment in Microsoft

Dassault Systèmes SolidWorks is the most widely used solid modeling Computer-Aided Design (CAD) software that runs on Microsoft Windows. In any industry that uses drawings, illustrations, designs, specifications, blueprints, prototypes, creatives, and models, the data held in CAD files is highly valued. In these industries, the exchange of information is both a necessity as well as a business risk.

Explorer Walkthrough Quick Tour (Part 1)

Start building dashboards and widgets using the tools in Explore. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data-centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

Focus on Data Governance This Cybersecurity Awareness Month

For 18 years, Cybersecurity Awareness Month has raised technology users’ awareness about the critical importance of cybersecurity and provided them with helpful resources to interact safely online. This year’s observance of Cybersecurity Awareness Month could not be more critical. It is estimated that more than 2,800 ransomware attacks take place each week—that adds up to more than 145,000 ransomware attacks per year.


3 Tips to Building a Risk-Aware Culture

Enterprise organizations and government agencies worldwide are focused on strengthening their computer networks against the risk of a cyberattack. However, a cybersecurity program is only as strong as its weakest link – and that link is often an employee. Yes, employees remain the biggest cybersecurity threat today. So, in addition to putting the right security controls and tools in place, your Information Security team needs to create a more risk-aware culture.


Learn About the Digital Operational Resilience Act

Around the world, and particularly over the past few years, regulators have been looking for ways to strengthen the resilience of the financial sector. In the European Union, regulators within the European Commission (EC) have taken a concrete step to meet this objective through the Digital Operational Resilience Act (DORA). The EC published a draft version of DORA in September 2020.


SquirrelWaffle: New Malware Loader Delivering Cobalt Strike and QakBot

In September of 2021, a new malware family named SquirrelWaffle joined the threat landscape. It spread through infected Microsoft Office documents attached in spam emails. The infection flow starts with a ZIP file that contains the infected Office document. When the file is opened by the victim, the malicious VBA macros download SquirrelWaffle DLL, which eventually leads to deploying another threat, such as CobaltStrike or QakBot.


Strong Relationships Matter More When MSPs Consolidate Vendors

A rising tide lifts all boats. This common phrase offers a perfect explanation of why strong supplier and partner relationships are essential to the success of your business. Partner programs come in all shapes and sizes, but not all provide the same value to you and your business. However, when you invest in developing key business collaborations, both your company and its suppliers can reap the rewards of your efforts.


How Cloud SOAR mitigates the cybersecurity skill gap problem in modern SOCs

Even though the cybersecurity skill gap dropped for the first time in recorded history in 2020, it is still one of the most pressing problems in the industry. Demand continues to eclipse the supply of skilled cybersecurity professionals. The scarcity of qualified security workers with the right skill set, experience, and talent means that critical vulnerabilities turn many organizations into sitting ducks in the eyes of hackers.


BSIMM: Top five software security activities that create a better software security initiative

Looking to build trust in your software? Start with BSIMM12’s top five software security activities. For any organization looking to improve the security of its software, Building Security In Maturity Model (BSIMM) has dozens of options. Many dozens. The 12th iteration of the BSIMM report, released September 28, details 122 software security activities (also known as controls) that were observed in the 128 participating organizations.


Defeating Ransomware with Unified Security from WatchGuard

Ransomware is one of the most talked about and publicized security threats in the modern era. What started as a few high-profile attacks caused by a handful of malware variants has developed into a virulent threat landscape in which increasingly unskilled attackers are able to execute highly effective ransomware campaigns against organizations of all sizes and levels of complexity. Small-to-midsize businesses disproportionately fall victim to ransomware, as they often lack the technical skills and tools needed to prevent infection.

Risk-Based Authentication to Adopt Zero-Trust Security in Your Organization

Risk-based authentication enhances both security and user experience by allowing you to rank the resources you want to protect based on risk level and type of user. This gives you the power to create rules that are unique to the security structure in your organization, therefore enabling more flexibility or higher protection only when necessary.

Featured Post

Fostering a culture of security with a hybrid workforce

Over the past two years, change has been rapid and widespread in the business world. The pandemic forced a frenzied shift to remote work, and the rushed adoption of new tools, workflows, and communication methods. Now, rather than cram back into the office all at once, many companies are testing the waters of hybrid work - either as a stepping stone or an indefinite transformation.

Supply chain attacks: Who's your weakest link?

Supply chains are at the front of everyone’s minds right now. From fuel and food to toys at Christmas – the general public are starting to understand just how finely balanced the global supply chain truly is. Events like microchip shortages in Taiwan and the Ever Given blocking the Suez canal show how interconnected modern economies are, and how dependent our huge populations are on effective supply chains.


Everything You Need to Know About Open Banking Security

Financial services have developed at a breakneck pace, resulting in fierce competition among financial technologies. These services in the digital age must be characterized by three words: rapid, efficient, and intuitive. It is no longer necessary to wait in queues to speak with a bank teller. Consumers today want to manage their accounts using their smartphones, and banks want to earn their loyalty. What is the common ground? Using modern technologies to find new methods of doing things.


Introducing the Palo Alto Networks Panorama Advanced AlienApp

Here at AT&T Cybersecurity, we believe cyber protection should include multiple layers and cover as much ground as possible. Having full visibility into threats on the network and being able to automate actions against them not only reduces an organization’s risk but also frees up time for security teams to focus on other high-value security tasks.


Assessing Cyber Risk: 13 Critical Questions for the Board

Boards of Directors constantly need to be educated about and aware of their organizations’ cybersecurity posture. Regulations hold them responsible for decision-making and governance. Meanwhile, increased ransomware attacks pose a financial risk to their shareholders. To enhance the risk analysis, questions like these can provide visibility into the company’s strategy.


Are bad bots on your website disrupting your SEO strategy?

Search engine optimization is one of the most important aspects of any business’s online marketing strategy. A well-maintained SEO plan provides a low-cost, long-term stream of relevant traffic into a website. Conversely, bad SEO can be very damaging to a business. Poor visibility on search engines like Google hands revenue over to competitors, forces higher spend on PPC advertising, and can damage trust with potential customers searching for you online.


The Future Of Cybersecurity | 5 Reasons Cybersecurity Deserves Your Attention Today

Already a significant concern before 2021, this year has revitalized cybersecurity as a top priority for every organization. Highly consequential cybersecurity incidents at companies like Colonial Pipeline, Kaseya, and T-Mobile brought front-page coverage to the issue, while cybersecurity attacks on small and medium-sized businesses soared, spreading the reach of threat actors.


Introducing Snyk developer-first security into the Terraform Cloud workflow

With the rise in popularity of technologies such as HashiCorp Terraform, Docker, and Kubernetes, developers are writing and maintaining more and more configurations in addition to building the application itself. The growing use of infrastructure as code presents security complexity and the potential for risk that developers often struggle with as their workloads increase and more advanced skills are required.


Kubernetes Security Frameworks - Quick Comparison

The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, changing landscape, be it new approaches of cyberattacks or adhering to changing regulations. Kubernetes security requires a complex and multifaceted approach since an effective strategy needs to: Though security and compliance are often mistaken as two separate requirements, their objectives are the same.


Introducing the Definitive Guide to Ransomware Response

The ransomware racket has grown so sophisticated, even beginners can be successful at it. How’s that for a mind screw? Because the threat has reached epic proportions – so much so that the U.S. is urgently convening an international summit with the sole purpose of addressing ransomware – there is no shortage of blogs and articles about how you should approach the risk. But most simply scratch the surface. Security operations professionals require something more.

When should a startup call the FBI

For this 11th episode of Access Control Podcast, a podcast providing practical security advice for startups, Developer Relations Engineer at Teleport Ben Arent chats with Elvis Chan. Elvis is Assistant Special Agent in Charge assigned to the San Francisco FBI Field Office. Chan manages a squad responsible for investigating national security cyber matters and has over 14 years of experience in the bureau.

5 Reasons Every AEC Firm Should Care about CMMC

Since the Cybersecurity Maturity Model Certification (CMMC) was released in January 2020, there has been a lot of hand-wringing over what it means and who should actually care. This is especially true for AEC firms, many of which figure this regulation only applies to big system integrators and defense contractors like Northrop Grumman and Boeing. But CMMC isn’t just about large enterprises. Any organization that currently contracts with, or plans to contract with the U.S.


5 Trends in Ecommerce Fraud: How to Protect Your Business in 2021 and Beyond

These days, when I cautiously venture to my favourite shopping mall on a weekend, I notice how different it is from a year-and-a-half ago, when no one had ever heard of COVID-19. It is busy, but not nearly as busy as it was back then. Sadly, I can rarely find my shoe size as merchandise stocks are low due to COVID-related supply chain issues.

Introducing Snyk Learn

Introducing Snyk Learn, a high-quality security education solution available for free that puts developers in control of their own security education journey. With content that is natively integrated into the development workflow, and tailored for developers, Snyk Learn makes security education relevant, actionable and engaging.

Sysmon, The B-sides: Event Codes That Might Not Get As Much Attention...Just In Time For BOTS!

For those who have played our Boss of the SOC competition or attended our security workshops, you are undoubtedly aware of Frothly, but in case you are not, here is a quick primer. Frothly is a fictional brewing supply company based in San Francisco who has successes and challenges, just like any other organization.


CIS Control 07: Continuous Vulnerability Management

When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a serious data breach. CIS Control 07 provides the minimum requirements, table stakes if you will, for establishing a successful vulnerability management program.

WatchGuard Firebox M290 Rotation & Highlights

Because smaller companies are generally less protected and easier to break into, small business has become the new big target for cyberattacks. The Firebox M290 firewall is specifically engineered to defend all types of small businesses against attacks that are no less fierce than those targeting larger organizations.

Global Companies and Geopolitical Risk Management

As the COVID pandemic swept the world in 2020 and changed the way we travel and do business, other disruptions happened too: large wildfires driven by climate change, and a volatile domestic political scene pressured corporate policies over diversity and other social issues — and that’s just what happened in the United States.


Positive Risk vs. Negative Risk in Enterprise Risk Management

Businesses face risk all the time — and that’s OK. Even though the word “risk” typically has a negative connotation, the word actually can represent many situations, not just unfavorable ones. According to ISO 31000, risk is the “effect of uncertainty on objectives.” Depending on the impact for the company or the affected project, risk can come in two types: positive and negative.


What Does a Business Continuity Plan Typically Include?

It’s impossible to predict every risk that could affect your organization. Cyber attacks, ransomware, natural disasters, and power outages are all potential threats that could disrupt your business. While prevention is key, you must prepare for interruptions to your daily operations. That is why a business continuity plan — a detailed plan that explains how your company will continue to operate in the event of a disruption — is so crucial for your risk management program.


Keep CALMS with Intelligent Orchestration and Code Dx

Achieving a culture of DevSecOps is possible with the help of solutions like Intelligent Orchestration and Code Dx. As a trusted adviser to my clients, I use my unparalleled experience with a broad range of security tools to help them build and mature security programs. I work tirelessly to help them break down silos, facilitate collaborative change, create a culture of lean learning, and ensure continuous feedback and sharing, so they can build pipelines that are intelligent and risk-based.


13 reasons Log360 is the SIEM solution for you: Part 2

Our integrated compliance management tool helps you breeze through audits. Log360 provides out-of-the-box templates to meet all the major compliance regulations, such as the GDPR, PCI DSS, FISMA, HIPAA, and GLBA. What’s more, you can monitor the compliance status for these regulations in real time on graphical dashboards. Log360 also provides prebuilt compliance alerts to notify you about any critical compliance-related events.


Leveraging National Cybersecurity Awareness Month to Reduce Insider Threats

October is a month that generates much buzz amongst the cybersecurity community. It’s National Cybersecurity Awareness Month (NCSAM) – a time when security professionals work around the clock to raise awareness of growing cyber risks amongst general user communities.


Kong Mesh and Styra DAS - securing modern cloud-native applications

Back at KubeCon North America 2017, many speakers declared that 2018 would be “The Year of the Service Mesh”. Just a year later, in the 2019 CNCF Survey, it was reported that 18% of surveyed organizations were using a service mesh in production, and by 2020 (the most recent survey published at the time of this writing) that number rose to 27%.


What's Behind the "+" in SOCVue+

Most of us are happy just knowing that a technology works, not necessarily how it works. But the details behind the enhancements we’ve made in the Cygilant SOCVue+ platform are too good not to share because of the benefits that they deliver to our customers. In our recent announcement, we touched on a few of the technical aspects of these enhancements.


Security Automation Priorities and Challenges: How Do You Compare to Your Peers?

ThreatQuotient’s new survey on the State of Cybersecurity Automation Adoption is now available for download. Conducted by independent research organization, Opinion Matters, the survey includes responses from 250 senior cybersecurity professionals representing the following industries: central government, defense, critical national infrastructure (energy and utilities), retail and financial services.


How to Detect SAP Threats in Real-Time with LogSentinel SIEM?

When it comes to the security of SAP systems, SIEM products often fail to meet companies’ expectations as they can’t fully interpret the SAP logs. LogSentinel Next-Gen SIEM solves this problem, eliminating the blind spots, as well as all SAP threats, and successfully parsing every log file in a human-readable format.


It's CyberSecurity Awareness Month: 5 Areas to Prioritize to Be Cyber Smart

October is CyberSecurity Awareness Month, an ideal time for organizations to take stock of their security programs and look for ways to make improvements. The effort was launched in 2004 by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) and the National Cyber Security Alliance (NCSA), as a collaborative initiative between government and private industry to ensure that all Americans have the resources needed to stay safer and more secure online.


Getting Networking Right in the SASE Era

In 2019, when the term Secure Access Service Edge, or SASE, was first coined, it was to define a useful way of setting up the network and security infrastructure to satisfy a cloud-first future with services at the edge. Since then, SASE has been long on hype and discussion, but short on actual, practical advice. What does SASE mean for your digital transformation strategy?

Utilizing Upbound Crossplane and Styra DAS to Set Policy Across a Modern Technology Stack

Upbound Crossplane with Styra Declarative Authorization Service (DAS) allows developers to elegantly provision infrastructure while preventing unsecure configuration. Crossplane applied to Kubernetes with Open Policy Agent (OPA) and Styra DAS can efficiently and effectively apply policy for centralized code and enforcement.

Data Exfiltration: What It Is and How to Prevent It

Protecting your data is an important component of your cyber risk management plan, and one that involves a certain level of preparedness for an event like a data breach. Even the best cybersecurity efforts, however, will still fail at some point — when attackers abscond with your organization’s confidential data, either to resell it on the dark web or to post it for all the world to see.


Analysis of a Parental Control System

Canopy was advertised to me through my child’s school. The company offers a multi-platform parental control app claiming various abilities to limit and monitor use of protected devices. Access to Canopy is billed monthly and includes a compelling list of features for concerned parents: Several of these features imply that the app has privileged access to the protected device and may be intercepting TLS connections to filter content.


4 Types of MSPs that Can Help You Meet Your Cybersecurity Needs

In my previous post, I discussed some of the reasons why organizations decide to partner with managed service providers (MSPs). Organizations need to be careful when deciding to work with a specific provider, however, as not all MSPs are created the same. Part of the reason why is because MSPs come in four varieties. Let’s discuss those types below.


SQL Server Security: Best Practices 2021

In today’s world where digital data is increasing exponentially by the day, the administration and querying of that data are also becoming more and more complex. This huge amount of data is stored in the form of collections within a database. However, in order to create, read, update or delete that data, the database administrators needed the ability to query the database.


Q2 Trends: More Cybersecurity and More Cloud

The coronavirus pandemic has forced a transformation in working practices and with it, the way MSPs manage customer cybersecurity. The possible return to the physical workplace and lingering economic uncertainties pose new challenges for tech leaders. These behavioral changes are measured in this Pulse report, which analyzes IT priorities and budgets in this area for Q2 of 2021. What do IT leaders expect the coming months to look like in terms of IT spending and priorities in their departments?


WatchGuard Cloud Honored at Cloud Computing Security Excellence Awards 2021

WatchGuard is excited to announce that once again, WatchGuard Cloud has been honored in the 2021 Cloud Computing Security Excellence Awards! This elite awards program recognizes companies that have most effectively leveraged cloud computing in their efforts to bring new, differentiated offerings to market.


WatchGuard Wins 2021 TrustRadius Tech Cares Award

For the second year in a row, TrustRadius has recognized WatchGuard in its 2021 Tech Cares Awards! This prestigious awards program celebrates companies that have gone above and beyond to provide strong Corporate Social Responsibility (CSR). TrustRadius CEO Vinay Bhagat had this to say about the honor: “We’re excited to announce our second annual Tech Cares Award winners. The past two years have tested the tech community.

Sponsored Post

A guide to combat ransomware as we continue to work from home

It's no secret that 2021 has already seen a huge surge in ransomware attacks; we've seen an increase of 64% over last year. Advancements in attack strategies and the shift to remote work are undeniably reasons for this ongoing wave. With most businesses merely testing the waters with hybrid working models, completely returning to work still seems like a far-off reality indicating that these numbers are only likely to swell even further.

Sponsored Post

Stay on top of network threats and breaches with effective third-party patch management

In the current digital age, most enterprises turn to the use of third-party applications for every requirement, from end-user applications for productivity purposes, all the way up to more complex endpoint and Active Directory utility tools. However, with more cyber-threats being identified every day, enterprises are increasingly aware that the installation of third-party software comes with the considerable responsibility for maintaining the system's security.

What are Threat Intelligence Feeds?

Threat intelligence feeds enable organizations to stay informed about indicators of compromise (IoCs) related to various threats that could adversely affect the network. These feeds also help to inform tools like SecurityScorecard’s Security Data by providing a source of information to collect, analyze and share with customers.


What is Cyber Resilience?

Since COVID-19, the cyber incident ratio has drastically increased and shows no signs of settling down. In just one year, cyber-attacks have targeted big enterprises, government agencies of the world’s leading countries, educational institutes, non-government organisations (NGOs), and small to mid-sized businesses. It is estimated that threat actors carry out cyber attacks every 39 seconds, which is relatively faster than before.


Big Data challenges in tele-healthcare

Covid-19 pushed the boundaries of both healthcare and technology providers, and nudged people to finally embrace telehealth services. In fact, telehealth has proven to be the next frontier for the healthcare industry as it minimizes the need for in-person patient, clinic, or hospital visits which prevents overwhelming our healthcare systems. A McKinsey report shared that the use of telehealth in the US in 2021 surged 38 times compared to pre-pandemic levels.


How secure is your Zendesk instance? Find out with Nightfall's Zendesk DLP scanner

When your customers reach out for help, they send messages to your support team that likely contain personal information. Help desk ticketing systems can often harvest for personally identifiable information (PII) like email addresses and credit card numbers, while healthcare providers using ticketing systems may request protected health information (PHI) like patient names and health insurance claim numbers or phone numbers.

Applying Least Privilege in Kubernetes II Jonathan Canada

Scalability and Cloud-Native have driven the demand for Kubernetes, but the developer now has the harder task of building applications in a secure manner. This talk will focus on best practices for implementing least privilege and enforcing zero trust principles within Kubernetes clusters. A how-to for implementing robust Role Based Access Control (RBAC) tied into the corporate SSO/Identity provider using Teleport.

Adopting Zero Trust and SASE as Fed and SLED Agencies Go Remote-First

The global pandemic further accelerated a trend toward remote work that was already underway, even in federal, state, and local agencies that previously resisted it. But as agencies continue to offer telework options to employees, they must also rethink their security stack to better mitigate the cybersecurity risks that remote work catalyzes. Traditional, perimeter-based approaches to security will no longer work in a cloud-first environment where data can be, and is, accessed from just about anywhere.

Siemplify ThreatFuse: Some Things Just Go Better Together

Some things are just better together. Peanut butter and jelly. Beavis and Butthead. Security orchestration, automation & response (SOAR) and threat intelligence (TIP) platforms. But don’t settle for a good SOAR with a basic TIP, or a good TIP with a basic SOAR. Siemplify ThreatFuse combines best-in-class SOAR and best-in-class TIP.

Active Directory Discovery Detection: Threat Research Release, September 2021

The Splunk threat research team recently developed a new analytic story to help security operations center (SOC) analysts detect adversaries executing discovery and reconnaissance tasks within Active Directory environments. In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.


Automating Vendor Risk Management

Modern supply chains are highly interconnected and complex. Today’s organizations leverage numerous third-party relationships to cut costs, speed up operations, and scale their businesses. But along with these benefits, organizations have to contend with the risks, particularly cybersecurity risks. One study found that in 2020, 44% of businesses suffered a data breach caused by a third party, and a data breach can cost $3.92 million on average.


What is Digital Risk Protection and Why Do You Need it?

The growing use of digital assets within a business delivers all sorts of operational benefits to the organization in question. These technology solutions, however, also come with numerous associated risks and an increased overall threat landscape. You can address these risks by investing in digital risk mitigation and remediation activities as part of a digital risk protection initiative.


Best Practices for Securing Your Cloud Service

The popularity of cloud services has soared in recent years, as ever more companies move towards a remote or hybrid workplace model. While cloud computing comes with many benefits, it can also create new vulnerabilities that might give criminals access to your sensitive data. If your company is using cloud technology, you need to make sure that your data is secure. Keep reading to learn what threats affect cloud services and what you can do to keep your cloud safe.


Top Threat Modeling Methodologies

Find out how different threat modeling methods can help your business catalog potential threats and find solutions for threat mitigation. The most important element of the risk management process is the ability to identify and prioritize threats to your organization’s cybersecurity before any damage occurs. How rapidly you can identify these threats will determine how quickly you’re able to find solutions for mitigation.


Don't Warn Your Co-Workers About That Phishing Test

It is October 2021, and another Cybersecurity Awareness Month is upon us. With so much having occurred over the last year, we should all be experts in personal cybersecurity protection. After all, when our homes became our primary business location, it all became very personal. I once worked at a company that prohibited me from offering personal cybersecurity advice.


Conquering the Taproot of Cybersecurity

What is your organization’s approach to security events? For many organizations, each security alarm is treated with the same urgency as a fire. While a sense of urgency is good, the ensuing panic that occurs is not a recipe for longevity. The constant shifting of attention from one emergency to the next is fatiguing; it can often lead to mistakes that compound an event. The “all hands on deck” approach is similar to an ineffective method of weeding a garden.


What is a Proxy Server?

A proxy server is an intermediary server that retrieves data from an Internet source, such as a webpage, on behalf of a user. Proxy servers have many different uses, depending on their configuration and type. Common uses include facilitating anonymous Internet browsing, bypassing geo-blocking, and regulating web requests. Like any device connected over the Internet, proxies have associated cybersecurity risks that users should consider before use.


Don't Procrastinate. Go Passwordless.

A recent article in the Wall Street Journal (WSJ) points out that password-based authentication is no longer keeping us secure. To prevent password theft, modern platforms use familiar tactics such as requiring “complex” passwords that are frequently changed. Unfortunately, these cumbersome tactics backfire. Users work around them. They select passwords that are easy to remember and guess. They reuse the same passwords. And they write them on sticky notes.


What is advanced persistent threat? Explaining APT security

As the threat landscape evolves faster than we can keep up with, organizations must be aware of the type of threats they may face. Certain threat types, like ransomware and malware, are more prominent and therefore must be fought with the appropriate resources. On the other hand, some threat types are not prevalent and pose significantly less risk. However, just because a specific threat isn’t as widespread does not mean we shouldn’t take it seriously.


Cybersecurity in Higher Education: Understanding the Threats & Adopting A Zero Trust Approach

While there’s no real way to prevent them all, understanding vulnerabilities, common types of cyberattacks and how to prevent them can help college and university leaders prioritize their security strategies to help keep institutional data and students safe.


Join Snyk in celebrating 31 days of Cybersecurity Awareness Month 2021

Today’s the first day of October as well as the first day of the 18th annual Cybersecurity Awareness Month. The purpose of Cybersecurity Awareness Month is not only to raise awareness about the importance of cybersecurity, but also to inspire people to improve their cybersecurity posture: whether that be through implementing multi-factor authentication, not clicking that suspicious email attachment, or even writing code more securely by utilizing a tool like Snyk. =)

Secure Delivery

Egnyte’s Secure Delivery ensures only intended recipients have access to shared files and allows you to revoke access even if the recipient previously downloaded those files. When customizing a Share link, select Specific Recipients and enter the desired email addresses. Then, under Allow Downloads, choose Yes, Encrypted. Recipients can view the shared file in their web browser; however, they must install Egnyte FileGuard to open the encrypted file.

Recipient Specific Links

Ensure the files and folders you share from Egnyte are only accessible to your intended recipients, by creating recipient specific links. When creating a Share link, under who will have access, select Specific Recipients and enter the email addresses of the desired parties. The recipients will be authenticated via email when they first access the link. If they access the link again in the future, they will be emailed an authorization code to unlock the shared content.

Activating the GDPR Policy

In just a few clicks, Egnyte locates data that is subject to GDPR so you can take proper action to keep it secure and compliant. The EU and UK General Data Protection Regulations affect any businesses that store personal data that belongs to a resident of the United Kingdom or European Union.

Disable Permissions Inheritance

Simple, intuitive & secure collaboration in the cloud. See how you can easily ensure proper access control to folders in your domain with Egnyte’s granular permissions. When adding user permissions to folders, subfolders automatically inherit the permissions of their parent folder. However, you can disable this feature for specific folders to control exactly who has access. From the folder of your choice, select Share, then Manage Folder Permissions.

Extend Threat Visibility With Humio's Integration With CrowdStrike's Indicators of Compromise (IOCs)

An indicator of compromise (IOC) is a piece of digital forensics that suggests that an endpoint or network may have been breached. The ability to monitor for indicators of compromise is critical to a comprehensive cybersecurity strategy, bringing improved detection accuracy and speed, along with faster remediation times.


Low Latency Identity-aware Access Proxy in Multiple Regions

A multi-protocol access proxy is a powerful concept for securing access to infrastructure. But accessing numerous computing resources distributed across the globe via a single endpoint presents a latency challenge. Today we are announcing that the hosted edition of Teleport Access Plane is now available in 5 regions all over the world.

Tripwire Industrial Cybersecurity Suite

For industrial organizations, managing cybersecurity and compliance is a big job. On top of your IT servers, workstations, applications and databases, etc. you have your plant operations and OT: industrial control systems, SCADA systems, HMIs, etc. Luckily, Tripwire can help you with IT, OT and the convergence of both. From the factory floor, to the top floor, Purdue levels zero through five.

Defining, Evaluating, and Designing Best-in-Class Network Security

Cyber attacks grab headlines almost daily. WatchGuard's award-winning network security platform not only provides one of the most complete suites of unified security controls on the market today to detect and prevent these attacks, but our strategy of sourcing the best scanning engines to integrate with our built-in defenses boosts security in critical attack areas. Take a closer look at the WatchGuard security platform's all-star team of best-in-class threat management services.