April 2020

alienvault

AT&T Cybersecurity receives Frost & Sullivan award in Managed Security Services

Recently, we learned the good news from industry analyst firm, Frost & Sullivan, that we received the 2019 Frost Radar Award for Growth, Innovation & Leadership (GIL) in the Global Managed Security Services (MSS) Market. Frost & Sullivan’s global team of analysts and consultants recognized our achievements in innovating and creating new products and solutions that serve ever-evolving customer needs.

tripwire

Newly-discovered Android malware steals banking passwords and 2FA codes

Security researchers at Cybereason are warning of a new mobile banking trojan that steals details from financial apps and intercepts SMS messages to bypass two-factor authentication mechanisms. According to experts who have examined the code of the malware, known as EventBot, it differs substantially from previously known Android malware – suggesting that it might be written by a new group of cybercriminals.

reciprocity

The Difference Between Vulnerability Assessment and Vulnerability Management

In today’s constantly evolving cybersecurity threat landscape, you have to do everything possible and then some to protect your critical data assets. Performing a vulnerability assessment and implementing a vulnerability management program can help your organization effectively deal with cybersecurity vulnerabilities. However, it’s important to understand the difference between vulnerability assessment and vulnerability management.

netskope

Securing "The New Normal," or What to Do Now That Everyone is a Remote Worker

If we had a dollar for every blog post that started with “we are living in unprecedented times” in the last month, we’d be sipping mai tais … in our living rooms. But it certainly is true and I don’t mean to make light of the extreme situation we’re all in right now.

upguard

NormShield vs. UpGuard Comparison

Every week the news is full of new exposures of protected health information (PHI) and personally identifiable information (PII). These security incidents are not only more common but also more costly. The average cost of a data breach is now nearly $4 million globally and third-party vendors, cyber attacks, and misconfiguration are three of the main culprits.

WhiteSource

Observability: What You Need to Know

Observability has recently become quite the buzzword, populating headlines in DevOps and IT publications. Industry experts like Charity Majors, CTO and co-founder of Honeycomb, and Cindy Sridharan, to name a few, have been spreading the word about the importance of observability, making it clear that it’s more than just a passing trend, it’s an approach that DevOps organizations need to adopt.

teleport

How to SSH into a Self-driving Vehicle

Over the last couple of years, we’ve started to see computers take to the street, and lucky for us, it’s been mostly to help us get deliveries or transport us around. These robots are a combination of sensors, compute units, and some form of connectivity. They have personalities, and if you look closely, two cute eyes on Postmates’ Serve that provide it with stereo vision to navigate the streets.

alienvault

Have you started working from home? Secure your endpoints!

Due to recent international events, there are likely millions of people in the United States and around the world who have just started working from home. There are a lot of office jobs that could move from the company’s workplace to employees’ homes-- accountants, web designers, application developers, network administrators, lawyers, clerical jobs, stock traders, data entry people, call center agents, tech support agents, and probably many other white collar roles.

tripwire

The MITRE ATT&CK Framework: Credential Access

There’s no doubt about it, attackers want your credentials more than anything, especially administrative credentials. Why burn a zero-day or risk noisy exploits when you can just log in instead? If you were to break into a house, would you rather throw a brick through a window or use a key to the front door? What is the MITRE ATT&CK™ Framework? - YouTube An error occurred. Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.

reciprocity

What Compliance Lessons Can We Learn From Past Pandemics?

COVID-19 has us reeling from health, social, and economic shocks, but this isn’t our first global crisis. It is, however, the first in which cybercrime plays a starring role. The world has faced several pandemics in the past 100 years—several influenza pandemics including swine flu (H1N1) and Avian, or bird, flu, and HIV/AIDS—as well as economic depression and a number of recessions.

netskope

Next Gen SWG Use Case #6 - Protecting Users going Direct-to-Internet

In my recent blog about advanced data protection, I covered how data protection requirements have evolved and how the SWG (secure web gateway) needs to also evolve to be effective in protecting data everywhere it goes. The final use case is centered around protecting users that are going direct-to-internet. This is arguably the most important use case I am covering in this blog series.

upguard

RiskIQ vs. SecurityScorecard Comparison

Every week the news is full of new exposures of protected health information (PHI) and personally identifiable information (PII). These security incidents are not only more common but also more costly. The average cost of a data breach is now nearly $4 million globally and third-party vendors, cyber attacks, and misconfiguration are three of the main culprits.

ekran

Why You Need a Just-in-Time Approach to Privileged Access Management

Privileged access is granted to certain users so they can perform their work. Yet admin and service accounts often are the causes of cybersecurity incidents since they allow their owners to install and remove software, modify system configurations, and more. Even with privileged access management practices in place, malicious actors can continue to find new ways to compromise your sensitive data. However, a new just-in-time PAM approach promises to improve the situation.

bearer

Introducing remediations, Python support and more...

Note: This is Bearer's monthly newsletter. Subscribe below to get it in your inbox. I hope you are doing well with this never-seen-before-worldwide-lockdown. The whole Bearer team is locked down as well, but still improving your beloved product! We have a lot of updates and awesome new features for you to explore today. Here is a short overview to get you started!

zeronorth

Time to Celebrate a Sensational Year of the ZeroNorth Brand and Vulnerability Discovery Orchestration... and Give Back

Happy Birthday! Exactly one year ago, the ZeroNorth brand was born as the industry’s first provider of risk-based vulnerability orchestration across applications and infrastructure. Building on the foundation of technology innovation developed over several years, ZeroNorth set out on a path to reinvent the way companies think about vulnerability management and application security. In the midst of everything going on, why does this matter?

logsign

How to Do Cyber Forensic Investigation with SOAR?

The incident response process is incomplete unless the cyber forensic investigation takes place. In fact, forensic investigation helps in identifying the causes of the attack and the main culprits behind the attack. Usually, the Computer Security Incident Response Team (CSIRT) has to gather forensic details such as logs or artifacts in the aftermath of the incident.

sqreen

How to implement a bug bounty program

Cybersecurity has become an increasingly trending topic for anyone in the technology space. With millions of attacks happening every day, people have started focusing on security more than ever before. The development, QA, and internal security teams do their best to secure their products. But it’s hard to catch everything internally, and there’s no harm in getting another opinion.

devo

The Role of SOC Outsourcing in a Secure Enterprise

During the past decade, security operations centers (SOC) have become an integral part of the cybersecurity programs of many organizations. When you think of a defined team spending all of its time managing security events and using consistent processes for remediation, you may envision a group of company employees who report to a CIO or CISO.

stackrox

Enforcing Kubernetes Security with Open Policy Agent (OPA) - Part 1

As the adoption of Kubernetes spreads, users have begun to look for additional options to control and secure their Kubernetes clusters. Cluster administrators tend to focus on restricting what can run in a cluster. While Kubernetes Role-Based Access Control (RBAC) provides a strong permission system, its oversight ends at the resource level, and it lacks the ability to control the configurations of specific resources.

alienvault

Working from home? Use the spare time for professional development

It’s 2020 and our world is rapidly evolving. Many conferences and training programs have been cancelled, most of us are working from home, and it may seem like learning opportunities are scarce. If you are locked in your house due to COVID-19, what could you be doing to improve your cybersecurity & information security skills? Let me share a few ideas.

tripwire

Cloud Under Pressure: Keeping AWS Projects Secure

Amazon Web Services (AWS) allow organizations to take advantage of numerous services and capabilities. As the number of available options under the cloud infrastructure of the company grows, so too do the security risks and the possible weaknesses. AWS Project owners need to take extra precautions by following some platform-specific advice. Amazon is constantly working on adding new features and implementing new changes in its current offering, as well.

siemplify

A Compare-and-Contrast Between Next-Gen SIEM and SOAR

(The following is a guest post written by Alissa Knight, an ethical hacker, entrepreneur and author.) The average lifespan of an enterprise security information and event management solution (SIEM) has decayed to approximately 18 to 24 months, according to CMS Distribution, largely propelled, many believe, by a systemic lack of expertise and inadequate staffing.

reciprocity

FCPA compliance checklist

An FCPA compliance program checklist outlines the things an American company needs to check when it wants to do business in a foreign country to ensure it follows the guidelines of the U.S Foreign Corrupt Practices Act (FCPA) of 1977. The FCPA is a federal law that aims to prevent all U.S. companies and their officers, directors, employees, and agents from making corrupt payments to foreign government officials to retain or obtain business.

netskope

The Economics of Network & Security Transformation - Part 2

In December 2019, I wrote a blog recommending CIOs and CISOs review their annual budgets in 2020 and continue to reduce their spend on legacy appliance-based network and security controls with a move to a scalable and future-proof cloud-based architecture. In the past few months since then, the world has changed.

upguard

RiskIQ vs. BitSight Comparison

Cyber attacks, misconfiguration, data leaks, and data breaches are increasingly common. Each week the news is full of new exposures of protected health information (PHI) and personally identifiable information (PII). These security incidents are not only more common but also more costly. The average cost of a data breach is now nearly $4 million globally. For breaches involving third-parties, the cost increases to $4.29 million according to a recent report by IBM and the Ponemon Institute.

nnt

Monthly Data Breach Round-Up: April Edition

In the midst of all of the chaos caused by the coronavirus, cybercriminals are showing no signs of slowing down their attacks. Government agencies, research organizations, healthcare providers and retailers alike are all coming under attack. Learn about some of this month’s most notable data breaches and cyber attacks in our monthly Data Breach Round-Up article series, the April edition.

alienvault

Stories from the SOC - Web Server Attack

During the Investigation of a Web Server Attack alarm for a large multinational enterprise Customer, we conducted an Investigation that inevitably led to the customer isolating the system entirely. The sophistication of the Correlation Rules developed by the AT&T Alien Labs™ team recognized patterns that indicated an attack on the web server.

tripwire

COVID-19 Scam Roundup - April 27, 2020

The coronavirus 2019 (COVID-19) scam onslaught continues. Per Threatpost, digital attackers ramped up their activity over Q1 2020 to the extent that they were sending approximately 1.5 million coronavirus-themed attack emails by the middle of April. How can we then be surprised by ZDNet’s reporting that the number of digital crime reports received by the FBI had quadrupled in number, with many of these disclosed attacks featuring COVID-19 as a theme?

tripwire

What is the Cyber Essentials Certification and How Can it Help Your Business?

According to a statistical research of the University of Portsmouth for the government of the UK, more than 80% of the cyber-attacks affecting businesses in the UK could have been prevented by the implementation of some basic security controls. To help organizations adopt good practices in information security, the UK government released a government-endorsed certification scheme called Cyber Essentials in 2014.

upguard

RiskIQ vs. UpGuard Comparison

Cyber attacks, misconfiguration, and data leaks are more common than ever before, as are cybercriminals. Our news cycle is full of first and third-party data breaches that expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Not only are data breaches more common, but they're also more costly. The average cost of a data breach is now nearly $4 million globally.

zeronorth

5 Questions You Need to Answer for a Better Security Posture

Cybersecurity isn’t getting any easier. Data breaches are growing in frequency, scope and the level of damage they inflict. Cyber criminals have become increasingly savvy and sophisticated, which means organizations have to work harder than ever to maintain (let alone improve) their security posture. Today, they have to engage a broader swath of the workforce to take responsibility for cybersecurity.

logsign

5 Important Points of SIEM Evaluation Checklist

Over the past couple of years, the Security Information and Event Management (SIEM) solution has been recognized as an effective tool in the Security Operation Center (SOC) of organizations. Whether it comes to managing the multiple tools or meeting the compliance standards, SIEM has always been playing its crucial role. However, since there is a multitude of SIEM solutions available in the IT market today, selecting the right one is an extremely important but difficult task for enterprises.

egnyte

3 Ways an Open CDE Has Radically Improved Productivity for Innovative Construction Companies

In our previous blog, we took a detailed look at how a Common Data Environment (CDE) can provide construction teams with operational advantages that enable them to work more efficiently, save time, and reduce errors. A CDE provides a central repository for all aspects of construction content management, including storing and accessing design files, bid documents, specifications, images, videos, change orders, and markups – everything that makes up the content that defines a construction project.

tripwire

OSINT - Using Threat Intelligence to Secure Your Organisation

In my first article on Cyber Security Threat Intelligence Analysts, (CTI analysts) we covered what a CTI analyst is and discussed how they can bridge the gaps between IT, Security, and the Business. We discussed how this is beneficial to the maturity of the business, but what exactly did we mean by this? In the second article of our CTI analyst series, we’ll cover the unique benefits a CTI analyst brings to an organization by enhancing.

nnt

Coronavirus Cybersecurity Round-Up

It’s been months since the start of the COVID-19 crisis and we’re still learning more each day about the scope of coronavirus-themed attacks through government agencies and technology companies working tirelessly to thwart off hackers. Here’s a roundup of this week’s COVID-19 related cyber-attacks and what organizations should be doing right now to help step up their cyber defenses.

spambrella

New Coronavirus Flavoured Phishing Email Scams

Email scams are nothing new, just about everyone has heard of that one Nigerian Prince for example, but there is another phishing scam doing the rounds and unsurprisingly it is Coronavirus flavoured. Gmail users alone are being targeted with up to 18 million phishing email hoaxes every single day. Of course, it doesn’t end there with ‘regular’ email users – healthcare professionals are being targeted also.

Octiga

Practical IT Security Guide to Protecting your People

There is that song by Baz Luhrmann, well it was actually a speech of his first that was later made it into a catchy jingle. It goes … If I could offer you only one tip for the future, sunscreen would be it A long-term benefits of sunscreen have been proved by scientists Whereas the rest of my advice has no basis more reliable Than my own meandering experience, I will dispense this advice now Unfortunately in securing your business, there is no Sunscreen type solution.

alienvault

Why cybersecurity needs a seat at the table

A shift has occurred in the bastion of corporate hierarchy in the last few decades that has fundamentally changed how organizations operate. This shift started about sixteen years ago in 1994 with Citibank/Citigroup. After suffering a cybersecurity incident, they created the role of Chief Information Security Officer (CISO); a role which has only grown in prominence since.

tripwire

Expert Thoughts on How Infosec Pros Can Make the Most of Working From Home

We find ourselves in strange times. In response to the ongoing coronavirus epidemic, organizations have swiftly closed their offices and mandated that all employees begin working from home. This development has created security challenges with which many organizations are still grappling.

reciprocity

What is NIST Special Publication 800-37 Revision 2?

National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 revision 2 is a Risk Management Framework for Information Systems and Organizations: A System Lifecycle Approach for Security and Privacy. NIST SP 800-37 rev 2 was published in December of 2018 and describes the Risk Management Framework (RMF) and guidelines on how to apply RMF to information systems.

netskope

Securing Remote Workers: Cloud Collaboration

The remote workforce has exploded globally with more employees working from home than ever before. Indeed, on any given day, approximately 60% of workers are remote (Forbes: https://www.forbes.com/sites/johnkoetsier/2020/03/20/58-of-american-knowledge-workers-are-now-working-remotely/#57a4f2f53303). In order to maintain, if not, boost productivity, scalable and simple collaboration tools are needed.

upguard

NormShield vs. SecurityScorecard Comparison

The average cost of a data breach is now nearly $4 million, and the unfortunate truth is third-parties are a significant source of cyber risk. These increasing costs are why cybersecurity vendor risk management (VRM) is a top priority for CISOs, Vice Presidents of Security, and other members of senior management, even at the Board level. In addition to financial costs, regulatory and reputational costs are increasing.

zeronorth

What is the State of Software Security in These Crazy Times?

Right now, the cyber world is thick with COVID-19-related sales pitches. Many are spot on, like multi-factor authentication, while others stretch the boundaries of credibility. What about us? Is there something about the problem we are solving, about software security, that makes it more of an imperative than it was three months ago? Is it possible our mission is more critical now than ever before? The answer is, yes and no.

WhiteSource

Copy and Paste Code: How to Lose Your Job Using Open Source Code

Have you ever wondered whether it’s ok to copy and paste code from an open source project? If you have, you’re not alone. A quick look around several developer websites shows a number of variations on this age-old question. It is never ok to copy and paste code from an open source project directly into your proprietary code. Don’t do it. Just don’t. Even if you’re on a tight deadline. Even if it’s only one loop.

teleport

From Zero to Zero Trust

Blockchain, IOT, Neural Networks, Edge Computing, Zero Trust. I played buzzword bingo at RSA 2020, where the phrase dominated the entire venue. Zero Trust is a conceptual framework for cybersecurity that characterizes the principles required to protect modern organizations with distributed infrastructure, remote workforces, and web connected applications.

tripwire

What is Configuration Drift?

In a previous post by my colleague Irfahn Khimji, he spoke about how ensuring devices on your network is a great way to minimize the attack surface of your infrastructure. Organizations like the Center for Internet Security (CIS) provide guidelines on how to best configure operating systems to minimize the attack surface. The CIS calls these “benchmarks.” Many security policies state that all deployed systems should be securely configured.

siemplify

SOC 101: Building Your SOC with People, Processes and Technology (Video)

Your security operations relies on people, of course, but it also fundamentally leans on processes and technology to succeed. This SOC 101 video featuring Arnaud Loos, technical account manager at Siemplify, delivers a digestible summary on the three pillars of a SOC “team” by showcasing the combined importance of skilled personnel, predictive workflows, and threat intelligence and automation. As threats grow, security operations has never been more essential – or challenging.

netskope

Next Gen SWG Use Case #5 - Advanced Data Protection

This is a series of articles focused on Next Gen SWG use cases. This is the fifth in a series of six use cases. In my recent blog about advanced threat protection, I covered how the threat landscape has evolved and how the SWG (secure web gateway) needs to also evolve to be effective in defending against new and emerging threats. The next use case is centered around advanced data protection. While there are distinct capabilities tied to data protection vs.

upguard

Prevalent vs. Whistic Comparison

The news cycle is full of third-party data breaches and data leaks. And for a good reason, they often expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Cyber attacks and misconfiguration are more common than ever before. Organizations need to invest in tools to prevent data breaches and reduce cybersecurity risk: particularly risks that involve third and fourth-parties.

upguard

Prevalent vs. UpGuard Comparison

Cyber attacks, misconfiguration, and data leaks are more common than ever before. Our news cycle is full of first and third-party data breaches that expose the protected health information (PHI) and personally identifiable information (PII) of thousands or even hundreds of millions of people. Not only are data breaches more common, but they're also more costly. The average cost of a data breach is now nearly $4 million globally.

sqreen

Introducing the SSRF reference guide: everything you ever wanted to know about SSRF defense

Although the security community has been aware of server-side request forgeries (SSRF) for a while, it’s only since the Capital One breach that they hit mainstream awareness. However, most of the public documentation following the breach focused on the attacking side of the equation (i.e. how to trigger and exploit an SSRF vulnerability) rather than on how to defend against SSRF exploits.

egnyte

Surviving the Paperwork: Why Seamless Submissions and Good Compliance Envelopes Matter

Are you finding it increasingly challenging to manage your organization’s regulatory submission process? The entire process of developing a drug from preclinical research to marketing takes approximately 12 to 18 years and can cost billions of dollars before a drug is even approved.

alienvault

How Blockchain could transform smart-home privacy tech

About the time that Bitcoin was becoming a household name in the cryptocurrency business, an associated up-and-coming technology called blockchain was making waves and being hailed as the next big thing. Then it all but disappeared from the pages of the tech journals and websites. In other words, the big splash never materialized. Looking back, the problem was that it was so new and revolutionary that nobody knew what to do with it yet.

reciprocity

How to Prevent Third-Party Vendor Data Breaches

Third-party vendor data breaches are becoming an epidemic for organizations that themselves have solid information security programs. The Ponemon Institute has proven year over year in its survey that the cost of third-party data breaches increases with each survey. Many struggle with how exactly to hold third-party vendors accountable and enforce the same rigid standards and controls that they consume internally. The big question is: how do organizations prevent third-party vendor data breaches?

netskope

Intro to SASE - Defining Markets and Redefining Models

This is a series of articles focused on SASE. This is the second in a series of two posts. In part one of this series, we discussed ways businesses are digitally transforming; introduced the SASE model as a new term defining convergence of network and security capabilities; the reasoning behind SASE; and what SASE means to all organizations.

Managing a Remote Team

Remote work has been in existence and flourishing for quite a long time in the industry, even before the pandemic. But, the problem at hand, is for companies who need that one-to-one interaction, as and when needed. For instance, if you are a digital marketing agency, your marketing team and your sales team ought to be on the same page. Working remotely is something new for Appknox as well and hard for us as security teams need to be in close proximity with the server and each other to help and solve problems and issues quickly and swiftly.
styra

How guardrails secure and accelerate K8s deployments

It’s clear from the latest Cloud Native Computing Foundation survey that containerized environments have become mainstream, increasing automation at scale for companies. But, in the cloud-native environment, changes are constant and runtime is extremely dynamic. And while automation can help eliminate manual work, it can also replicate mistakes and risk at cloud scale.

stackrox

Helping the Federal Government with NIST SP 800-53 Compliance

StackRox has had Federal intelligence, military, and civilian agencies at the heart of our customer base since our inception. Our extensive work with the Department of Homeland Security, our backing from In-Q-Tel, and our work across multiple U.S. Intelligence Community agencies have shaped our product and brought additional rigor to our development process.

egnyte

How a Common Data Environment Can Create Order for Construction Content

Like many businesses today, the construction industry is in a state of transition. In recent years, construction workflows have become information-driven, just as workflows have in other industries. Many industries have risen to the challenge and made full use of digital technologies to transform themselves. However, for reasons that have a lot to do with how construction operates, the digital transformation of construction has lagged.

alienvault

Working from home - new reality for even small businesses

I’m very fortunate in the COVID-19 situation. My job as editor of the AT&T Cybersecurity blog lends itself well to working from home. In fact, even before the virus I had the privilege to work from home some of the time – of course with a VPN and other security measures, on company equipment. The biggest impact has been personal for me. I miss my colleagues at work. I miss the in-person laughs and socializing.

tripwire

COVID-19 Scam Roundup - April 20, 2020

Scams leveraging coronavirus 2019 (COVID-19) as a lure have stolen tens of millions of dollars from their victims. As of April 16, 2020, the Federal Trade Commission (FTC) had received 20,334 consumer reports of fraud attempts pertaining to the coronavirus since the beginning of the year. Those attacks that proved successful had caused their victims more than $15 million in damages at the time of writing. Unfortunately, both of those figures are likely to grow as time goes on.

tripwire

Building Effective Cybersecurity Budgets

Building an effective and resilient organization on a budget isn’t a small task. When it comes to cybersecurity budgets, there are many different aspects that need to be considered. Thankfully, alignment with industry best practice and recognized security frameworks adds a small amount of clarity to this challenge.

upguard

SecurityScorecard vs Prevalent Comparison

The average cost of a data breach is now nearly $4 million and the unfortunate truth is third-parties are a significant source of cyber risk. This is why cybersecurity vendor risk management (VRM) has become a top priority for CISOs, Vice Presidents of Security, and other members of senior management, even at the Board level. In addition to financial costs, there are increased regulatory and reputational costs.

upguard

Prevalent vs. RiskRecon Comparison

Every day third-party data breaches and data leaks inundated our news cycle. And for good reason, the average cost of a data breach is nearly $4 million globally. This has led to organizations looking for ways to reduce cyber risk and prevent data breaches. Vendor risk management (VRM) is now a top priority for CISOs and other members of senior management, even at the Board level.

upguard

Prevalent vs CyberGRX Comparison

Every day the news is filled with third-party data breaches and data leaks. And for a good reason, they often expose the protected health information and personally identifiable information of thousands or even hundreds of millions of people. For context, the Ponemon Institute estimates that the average cost of a data breach is nearly $4 million globally.

tripwire

5G Technology: How to Make Sure the Benefits Outweigh the Security Risks

It’s hard not to say that 5G technology brings a lot of benefits. 5G entails faster download speeds, and yes, if you have a 5G-enabled handset, you could hear and appreciate the speed increases for videos, gaming, etc. However, 5G provides added benefits that go way above those for the everyday user. Let’s take a look at the high speed and low latency of 5G. There are a lot of areas or industries that require pinpoint accuracy and precision.

Securing Container-Based Applications at the Speed of DevOps

Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security and compliance aspect of your container images. With tools such as WhiteSource, developers are able to manage the security of their containers and container images with no impact on agility and speed.

Whose vulnerability is it anyway?

Application security is a top priority today for companies that are developing software. However, it is also becoming more challenging and complex as release frequency continues to rise, more open source components are adopted, and the requirements for data security are getting stricter. Thanks to new DevOps practices and tools, development cycles are getting shorter, allowing organizations to meet market demands and deliver a superior customer experience, but is application security keeping up?

Lessons Learnt By An Agent Of Chaos From DevOps

Is your organization ready to embrace a DevOps mindset? Receive a pragmatic view from an agent of chaos, who’s promoting the goal for a single continuous integration and delivery pipeline, shifting testing, security, code reviews, and other opportunities to improve information sharing and quality to the left, shifting configuration to the right, and most importantly, aiming to delight users with constant value.

The State of Open Source Security Management RSA 2019

It is no secret - open source has become the main building block in modern applications, and it is almost impossible to develop software at today's pace without it. However, as the open source community grows, and the number of reported vulnerabilities keeps climbing, manually verifying the security and compliance of open source components can no longer provide the necessary control over the security of these components.

Panel Open Source Security - Weighing the Pros and Cons

Over the past few years, open source has grown in popularity especially among developers using open source code in their application development efforts. In the security space, however, open source hasn’t been as widely embraced, mostly because of concerns over vulnerabilities. But is open source software really less secure?

Panel Discussion: Forrester's Latest Wave Report on Software Composition Analysis 2019

Last week The Forrester Wave™: Software Composition Analysis, Q2 2019 was published. We took part in MediaOps panel discussion to discuss the results of the report and which SCA vendors are right for software development and security teams and their needs.
alienvault

5 most common mobile phishing tactics

Phishing is one of the things that keeps CISOs up at night. Phishing attacks are effective and simple to launch, and used by financially motivated attackers as well as more targeted attacks. In the case of a targeted attack, it may harvest login credentials to gain access to corporate or personal resources. In fact, sometimes corporate access can be used to steal personal data, and vice versa.

Effectively Managing The Shift To A Remote Workforce

2020 Has left many people feeling like we’re living in an alternate reality as COVID-19 sweeps the globe, changing life as we know it. Companies ultimately have no choice but to embrace the reality of a fully remote workforce where reliance on technology becomes critical to business continuity. Watch the Webinar Reply to learn more.
egnyte

G2 Names Egnyte Top Remote Tool

As businesses adjust to flexible working arrangements amidst stay-at-home orders and social distancing guidelines during the COVID-19 (coronavirus) pandemic, many are looking to technology to support the needs of remote workers. While many companies were already using software to support working outside of physical offices, tools that enable remote working have now become mission critical in many cases to avert disruption during the unprecedented time we find ourselves in.

alienvault

7 key steps to Zero Trust

This is part 3 of a 3 part blog series My last two blog entries provided some key elements of a Zero Trust Network (ZTN), which focused on the tenets of zero trust and how the confidence is gained for untrusted traffic and authorized on a continual basis. The comprehensive nature of Zero Trust can be a little overwhelming in a world of limited resources, time and budgets.

tripwire

The MITRE ATT&CK Framework: Privilege Escalation

Anyone who has had any experience on the offensive side of security has had fun with privilege escalation. There’s something exciting about exploiting a system to the point of getting root-level access. Since I have spent most of my time on the defensive side of the fence, the magic of escalating privileges rested in Exploiting for Privilege Escalation or stealing an administrator’s credentials.

reciprocity

What are the PCI DSS Security Audit Procedures?

The Payment Card Industry Data Security Standard (PCI DSS) represents an information security standard designed for organizations that store, process, or transmit credit cards and are exposed to cardholder data. The card brands themselves have advocated for the PCI standard which is administered by the Payment Card Industry Security Standards Council (PCI SSC). Given organizations are interested in compliance, many ask the question “what are the PCI DSS Security Audit Procedures”?

bearer

Best Practices for Building API Integrations

Modern applications aren’t built in silos. They rely on the features of other applications. This reliance can come in the form of open-source libraries, access to a wealth of data, or complex features distilled down into a consumable API. Incorporating third-party dependencies into your own project can be challenging. It comes with the benefits of faster development, and the downside of reliance. There is a relationship that happens when using a dependency.

detectify

Detectify security updates for 16 April

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

WhiteSource

Open Source Analysis Extends Your Visibility

When we think of open source analysis, security is often the first thing that comes to mind. But open source analysis is so much more than just security. It gives you visibility into your codebase to help you understand and manage your open source components. In this blog, we’ll define open source analysis, look at why it’s important to your business, and describe the characteristics of an effective open source analysis framework.

Predict 2020 - Developers Do Security

Amid all the talk of shifting left, mingling the DevOps and Security tribes and how can we do code better, faster and with more quality a funny thing happened. Security vendors are developing security tools for devs and DevOps. The security team still pays for them, but they won't buy them without Dev and DevOps buy in. What does this mean for 2020? Will we see better "quality (codeword for security)" in our apps? What should security teams be doing to make this happen? What should Devs and DevOps teams do to adopt these new developer-friendly tools? Is 2020 the year DevSecOps makes a difference?

How SAP Integrates License Compliance & Security Into Their DevOps Pipeline

Gone are the days where open source components were only used by individual developers, start-ups or small corporations. Today, even the biggest corporate giants have realized the numerous benefits open source usage brings, thereby openly embracing this as part of their software to help them focus their efforts and push more code out of the door faster.

Panel Discussion: Cloud Security - Keeping Serverless Data Safe

The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This webinar discusses some of the more overlooked aspects of cloud security and offers up some best practices for ensuring data in the cloud is truly secure.

Demystifying PCI Software Security Framework: All You Need to Know for Your AppSec Strategy

The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source usage have become the new normal and with this, present new AppSec challenges. To ensure that users of payment apps remain safe, the new framework aims to lay a substantial value on continuous application security.

Whitesource and CircleCI Orbs: Secure your CI/CD Pipelines from Start to Finish

Open source software components play an important role by providing us with the building blocks of our products. However, even as we enjoy the benefits of open source components, they are not without their challenges, especially when it comes to security vulnerabilities.
styra

The origin of Open Policy Agent and Rego

Why the cloud-native architecture required a new policy language I recently started a new series on the Open Policy Agent (OPA) blog on why Rego, OPA’s policy language, looks and behaves the way it does. The blog post dives into the core design principles for Rego, why they’re important, and how they’ve influenced the language. I hope it will help OPA users better understand the language, so they can more easily jump into creating policy of their own.

tripwire

Visibility, Vulnerabilities and VPNs - Extending Your Corporate Security Policies and Procedures to Cover Remote Workers

We’ve heard a lot about the drastic measures that organizations in North America and Western Europe are taking to protect their employees against the coronavirus. But as we all know, COVID-19 is a global pandemic. Organizations all over the world now find themselves in a position where they need to take action on their policies and procedures. Take the Middle East, for instance.

siemplify

Security Orchestration, Automation and Response: Everything You Need to Know to Get Started

Security operations is a well-established discipline — many businesses have even had SecOps strategies in place for decades. Yet the approach to security operations that many companies often take suffers from a number of drawbacks. Many security teams rely on disparate security tools that are difficult to integrate and manage centrally. These tools generate more alerts than analysts and engineers can respond to.

netskope

Next Gen SWG Use Case #4 - Advanced Threat Protection

In my recent blog, I continued my blog series covering the most common use cases our customers are addressing with our Next Gen Secure Web Gateway (SWG). Next up is advanced threat protection. Whether it is blocking access to malicious websites or scanning for malware being downloaded from the web, SWGs have played a critical role for more than a decade in protecting the enterprise against threats.

logsign

How to Conduct a Vulnerability Assessment

A considerable portion of cyber-attacks target simple and unnoticed security vulnerabilities, that is why conducting a thorough vulnerability assessment is vital for each and every organization. Read our article to learn more. As the technology advances, a vast majority of the business processes are realized online. Each and every day we share important files, send e-mails, conduct communication with our team and customers, and we do all these tasks online.

alienvault

Can incident response be fun?

Cyber attacks are unfortunately inevitable. It’s important to security harden your networks as much as possible. But your organization must also be prepared for incident response. Effective incident response involves an awareness of various cyber risks and threats, having a plan to respond to the various ways they manifest, and having a team that can think quick on their feet when they actually occur.

alienvault

Slack phishing attacks using webhooks

Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing in addition to a marketplace containing thousands of third-party applications and add-ons. Slack Incoming Webhooks allow you to post messages from your applications to Slack.

tripwire

COVID-19 Scam Roundup - April 14, 2020

On March 27, 2020, President Trump signed an unprecedented $2 trillion stimulus package into law. The legislation received support from both chambers of the U.S. Congress for its goal to minimize the economic effects of the global coronavirus 2019 (COVID-19) pandemic, reported CNN. A key component of that package was the direction to provide economic relief to Americans in the form of stimulus checks of varying amounts depending upon their income.

tripwire

Realizing Hybrid Asset Discovery with Tripwire Industrial Appliance

Digital attacks continue to weigh on the minds of industrial cybersecurity (ICS) professionals. In a 2019 survey, 88% of ICS experts told Tripwire they were worried about what a digital attack could mean for their industrial organization. The rate was even higher for those working in the manufacturing and oil & gas sectors at 89% and 97%, respectively. Such widely held concern suggests a need for industrial organizations to make greater investments in their digital security posture.

reciprocity

Pros and Cons of the FAIR Framework

The Factor Analysis of Information Risk (FAIR) framework was developed by Jack Jones. FAIR is a risk management framework championed by the open group that enables organizations to analyze, measure, and understand risk. The FAIR model evaluates factors that contribute to IT risk and how they impact each other while breaking down risk by identifying and defining the risk model. FAIR is most often used to establish probabilities for the frequency and magnitude of data loss.

netskope

Securing Remote Workers: Video Collaboration Considerations

Over recent weeks, many organizations rapidly adopted new remote worker policies and practices without having the benefit of time or meaningful historical data to inform the architectural decisions needed. Coupled with the adoption of video, web and VoIP conferencing technologies, an unprecedented strain has been levied across IT resources which were built for a different time.

upguard

BitSight vs Prevalent Comparison

The unfortunate truth is outsourcing to third-parties introduces significant cyber risk. The news is inundated with third-party data breaches and data leaks. With the average cost of a data breach at nearly $4 million globally, it makes sense to invest in tools to prevent data breaches. This is why cybersecurity vendor risk management (VRM) has become a top priority for CISOs and other members of senior management, even at the Board level.

nnt

What is the UK Cyber Essentials Certification and How Can it Help Your Organization?

Cyber Essentials and Cyber Essentials Plus are UK government-backed schemes that are designed to help protect organizations against 80 percent of most common cyber-attacks. This scheme lays out five basic security controls that must be implemented in order to defend against today’s most common cyber threats. These controls are closely aligned to other notable security frameworks, including the Basic CIS Controls as well as the PCI DSS requirements.

sqreen

Behind the scenes: building a dynamic instrumentation agent for Go

We’ve been working hard at Sqreen to make our protection transparent and frictionless. We recently released Sqreen for Go, which detects and blocks security issues inside Go applications without requiring any code modification. To make this possible, we leverage dynamic instrumentation to insert additional security logic into the program’s behavior at run time.

stackrox

AWS EKS Monitoring Best Practices for Stability and Security

EKS leaves a large portion of the responsibility for applying security updates and upgrading Kubernetes versions, and for detecting and replacing failed nodes, to the user. EKS users, especially those with multiple clusters, will want to set up some form of automation to lighten the manual load and to ensure that critical security patches get applied to clusters quickly.

egnyte

Working Anywhere With Egnyte: VPN Not Required

There are a few things that are easy to take for granted in a traditional office setting: the impromptu idea sharing that happens in unscheduled conversations, quick and easy access to audio-visual tools, and the energy that comes from being around others are just a few. But more importantly, it’s easy to forget that high-speed Internet access isn’t as ubiquitous as it sometimes seems, and there are many people, areas and job sites that have limited access and connectivity.

tripwire

Cybersecurity in Education (K-12) with the CIS Controls

Acknowledging recent reports of ransomware targeting educational institutions, it is no wonder that there have also been articles that attempt to lure in readers with “free” tools. What is disappointing is that these “free” tools are little more than marketing pieces that direct you to click on readily available documentation from Microsoft or Google.

ekran

Insider Data Theft: Definition, Common Scenarios, and Prevention Tips

People tend to trust those they work with: employees, business partners, subcontractors. But these people, who have access to all kinds of corporate data, don’t always prove worthy of such trust. Insider data theft statistics show that one in four employees won’t think twice before stealing sensitive data from their current company if it will help them sign a contract with a competitor.

cyberint

COVID-19 Ongoing Cyber Updates

Cyberint research team closely monitors threats related to COVID-19, leveraging the global fear and uncertainty around it. Utilizing thematic lures, a variety of cyberattacks have been launched during a time when many are seeking critical information on the outbreak. Exploiting the headline-dominating crisis, individuals, organizations and governments alike are tricked into opening malicious payloads, visiting malicious websites and are subject to misinformation or fraud.

Appknox Webinar - All Things Security for Your Remote Workforce!

Remote work poses unique challenges for companies because employees are not physically working on-site, they're often relying on their own Wi-Fi networks and devices to access company data and infrastructure. To mitigate security risks, companies must implement clear and comprehensive data security policies and take proactive measures to ensure complete cybersecurity for their remote teams.
logsign

How Do DDOS Attacks Work?

DDoS attacks are considered as one of the most popular cyber-attacks and they have the ability to make systems go down for a very long time. Read more to learn how they work and how you can stop them. What is a DDoS attack? DDoS attack (also known as the distributed denial of service attack) is a dangerous and common type of cyber-attacks. It aims to overwhelm the target through disrupting the regular traffic of a service, network or a server.

veriato

Computer Forensic Tools - Providing The Evidence You Need

If you are even considering investigating an employee or monitoring employees in general, consider modern computer forensic tools for a complete solution. Computer forensic tools allow an employer to gather digital evidence before confronting an employee. With the Covid-19 (Coronavirus) outbreak, these types of solutions can also help to monitor employees that are self-quarantined or voluntarily working from home.

alienvault

Assess and adapt for resiliency

Admittedly, we are in uncharted territory – what seemed routine a few short weeks ago – commuting to work, going to the gym, or gathering with friends – is now either a daunting task or a non-existent option. This shift has impacted our technology, our workforce, and our business environments almost overnight and with minimal warning.

tripwire

The MITRE ATT&CK Framework: Persistence

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more from digging into the various techniques here than any other tactic. While I knew about fun tricks like replacing sethc.exe with cmd.exe and hitting the shift key a bunch of times from a lock screen, there were many other techniques that were brand new to me.

reciprocity

How to Conduct a Vulnerability Assessment

A vulnerability assessment or vulnerability analysis is the process of identifying the security vulnerabilities in your network, systems, and hardware and taking steps to fix those security vulnerabilities. A vulnerability assessment can provide information that your IT and security teams can use to improve your company’s threat mitigation and prevention processes.

netskope

Mind the Gap - Cloud Threat & Data Protection

Increased remote working each day is accelerating the digital transformation of cloud services and apps across the globe. Workforces now at home will innovate, adapt, and adopt new cloud services and apps, where over 98% are not managed by IT administration. This opens the door for data to move like a river throughout the cloud and introduces new threats where all stages of the cyber kill chain are cloud-enabled.

upguard

BitSight vs Whistic Comparison

Outsourcing, digitization, and globalization are three of the largest trends in the last 30 years. They've brought new products and services, increased specialization, lower costs, and improved access. But they've also introduced significant cyber risk. Particularly the risk of data breaches and data leaks. For perspective, a recent study by the Ponemon Institute put the average cost of a data breach at $3.92 million. The unfortunate truth is third-parties cause a lot of data breaches.

upguard

SecurityScorecard vs Whistic Comparison

Outsourcing, digitization, and globalization have brought us new products and services, allowed for increased specialization, lowered costs, and improved access but they've also introduced significant cyber risk. Particularly the risk of data breaches and data leaks. And with the average cost of a data breach reaching close to $4 million dollars according to a recent study by the Ponemon Institute, it pays to prevent them. The unfortunate truth is third-parties cause a lot of data breaches.

upguard

CyberGRX vs Whistic Comparison

The amount of cyber risk the average organization is taking on has never been higher, a big part of it in the form of third-party and fourth-party risk. A household name reporting a data breach or data leak feels like a daily occurrence. And with the average cost of a data breach reaching close to $4 million dollars according to a recent study by the Ponemon Institute, organizations are looking for new ways to prevent them. The unfortunate truth is third-parties cause a lot of data breaches.

upguard

RiskRecon vs Whistic Comparison

Organizations are taking on more cyber risk than ever before and a large part comes in the form of third-party and fourth-party risk. The news is inundated with data breaches and data leaks and the average cost of a data breach has reached nearly $4 million globally. It's safe to say that the financial cost alone is enough proof to start investing in tools to prevent data breaches. The unfortunate truth is third-parties cause data breaches.

zeronorth

Why AppSec Matters Now More Than Ever

Many of us have a love-hate relationship with change, especially when things are not going well. But as we know, thanks to the Greek philosopher Heraclitus, the only constant in life is change. We must embrace it, even if it means our “normal” is never quite the same. The goal is not to fight the change but to be the change by finding creative ways to improve our decisions, in business and life.

sqreen

Panel discussion: security for B2B scale-ups

At B2B Rocks 2019, I took part in a panel discussion titled “How to Shape the Most Reliable and Secure Tech.” We had an interesting talk about how B2B companies can improve security, particularly around doing so as they scale up. I’ve been thinking about our conversation recently, as the day-to-day has shifted for people all over the world, so I wanted to take a moment to share some of the insights from the talk.

inetco

INETCO Announced as a 2020 Best of FinXTech Awards Finalist for Improving Operations

Over the past 12 months, INETCO’s flagship product, INETCO Insight 7, has gained recognition as the go-to solution for acquiring a level of detail within payment transaction data sets that is unprecedented, and extremely useful. Recently, INETCO caught the attention of Bank Director, an information resource to the financial community with a focus on the strategic issues most fundamental to a bank’s CEO, senior leadership team, chairman and independent directors.

alienvault

The Zero Trust Authorization Core

The Foundation of a Zero Trust Architecture (ZTA) talked about the guiding principles, or tenets of Zero Trust. One of the tenets mentions how all network flows are to be authenticated before being processed and access is determined by dynamic policy. A network that is intended to never trust, and to always verify all connections requires technology that can determine confidence and authorize connections and provide that future transactions remain valid.

tripwire

What Security Leaders Should Consider When Building a Business Case for Integrity Monitoring

We all know there are a number of different security devices that need to be continually monitored because they represent attack vectors. That’s why understanding configuration management is critical to security hygiene. As practitioners, we need to adhere to CIS controls as they provide a critical baseline for maintaining our security framework and keeping up our integrity monitoring processes.

tripwire

Auditing Cloud Administrator Behavior as a Matter of Data Breach Preparedness

New technologies often present interesting challenges for security teams, with cloud services such as AWS, Azure and GCP providing particularly novel cases in comparison to “classic” on-premise systems. As cloud services race to add new features that drive new customer interest and increase retention of existing clients, there is a very real risk of exposing new threat vectors to the business if even the most minor of misconfigurations occurs.

Application Security: Best Practices vs Practicality

Establishing an application security program is an ongoing process – there are always steps you can take to improve your program. Join Veracode CTO, Chris Wysopal, Bugcrowd CTO, Casey Ellis, ZeroNorth CTO, John Steven and Optiv Director of Threat Management, Luis Jimenez for a one-hour panel discussion on best practices for maturing your AppSec program. And, if you’re just starting your AppSec journey, our experts will also be providing some practical first steps you can take that will prepare your AppSec program for improvements in the future.
stackrox

Container Image Security: Going Beyond Vulnerability Scanning

Container images constitute the standard application delivery format in cloud-native environments. The wide distribution and deployment of these container images requires a new set of best practices for ensuring their integrity. While performing image scans to check for known vulnerabilities in operating systems and language packages remains a cornerstone of image security, it is only part of a larger set of security initiatives you need to employ to protect your environments.

egnyte

Working Anywhere With Egnyte: Productivity Guide

What’s the ideal state of a technology-driven, digital-first organization? Ultimately, it’s where everything you need (and need to do) is right at your fingertips regardless of your location or the tools you have at your disposal. When companies pursue digital transformation, they often do so with a few primary goals in mind, like security, simplicity and productivity.

tripwire

Finally Some Good News: NERC Proposes Deferment of 3 CIP standards

Amidst all the pandemic doom and gloom, we finally have something positive come from the chaos: NERC filed a motion recently (April 6, 2020) to defer three Critical Infrastructure Protection (CIP) Reliability Standards (as well as 1 PER, and 3 PRC standards) for three months due to the national emergency declared on March 13th by President Trump. As the original implementation date was July 1, 2020, this means that should FERC approve the motion, the new implementation date would be October 1, 2020.

tripwire

The Cyber Threat Intelligence Analyst - Speaking Your Languge

One item that comes up a lot in conversations is how security teams or IT teams struggle to speak the “business language” to business leaders, mainly to members of the senior leadership that make the final decisions on spending and investments. This problem could have its roots in IT, and later security, teams historically having their management lines within the accounting department, ultimately being accountable to the Chief Financial Officer.

siemplify

9 Security Orchestration and Automation Benefits: How SOAR Helps Improve Incident Response

On average, 800 attacks per hour pummel 76 U.K. councils, according to global insurance firm Gallagher. That volume of attacks is not out of the ordinary, nor is it new. Back in 2013, UC Berkeley’s data science blog reported that the U.S. Navy sees 110,000 cyberattacks per hour. Imagine being a security operations center (SOC) analyst trying to manage this sheer number of alerts. That is where security orchestration, automation and response (SOAR) comes in.

reciprocity

What is a Vulnerability Management Program?

Vulnerability Management is the cornerstone of information security programs. Cybersecurity practitioners leverage vulnerability management programs to identify, classify, prioritize, remediate, and mitigate vulnerabilities most often found in software and networks. Vulnerability assessments, while not mutually exclusive with vulnerability management, are generally part of a vulnerability management program in order to identify, quantify, and prioritize vulnerabilities in a system.

nnt

The Problem with Cyber Security is That No One Wants to Play Defense

When I’m not fighting the good fight against the dangerous world of cyber crime, you’ll often find me out on the field coaching youth soccer. In my experience as a coach, if you ask any group of kids new to the game of soccer “who wants to be a striker?” pretty much every hand will go up.

alienvault

Common focal points of DoS attacks

This blog was written by an independent guest blogger. Is your company at risk of a Denial of Service (DoS) attack? If so, which areas are particularly vulnerable? Think it’s a crazy question? Think again. In 2020, 16 DDoS attacks take place every minute. DoS attacks require fewer resources, and so pose an even greater threat. In this post, we’ll discuss what a DoS attack is and how it differs from a Distributed Denial of Service (DDoS) attack.

tripwire

COVID-19 Scam Roundup - April 6, 2020

Digital fraudsters have seized upon coronavirus 2019 (COVID-19) as a lure for their new scams and attack campaigns. Together, these malicious operations constitute nothing short of a deluge. Barracuda revealed that it spotted 9,116 coronavirus-themed spear-phishing emails between March 1 and March 23, 2020—a 667% increase over the 1,188 attacks detected a month earlier. By comparison, the security firm spotted just 137 coronavirus-themed email campaigns in January.

redscan

Redscan reveals Google security search trends during COVID-19 pandemic

At Redscan, we’ve set about shining light on some of these challenges by analysing how the crisis has affected online search behaviour in relation to cyber security and technology. The findings provide insight into how well-prepared businesses were for such an incident, the tools organisations are turning to support operations, and potential threats they are facing.

stackrox

EKS Runtime Security Best Practices for AWS Workloads

This is part 4 of our 5-part AWS Elastic Kubernetes Service (EKS) security blog series. Don’t forget to check out our previous blog posts in the series: Following best practices for running your workloads on EKS plays a crucial part in keeping the cluster and all its workloads safe. Overly privileged pods, for example, pose a huge danger if they get infiltrated.

tripwire

Results Speak Louder Than Words: A Guide to Evaluating ICS Security Tools

Why leveraging live environment simulations and putting ICS tools to the test is the best way to evaluate their fitness. Track and field was one of my favorite sports growing up. I didn’t begin competitively participating until I was a teenager, but I was instantly hooked once I started. Why? Because the clock didn’t lie. The tape measure didn’t lie. The fastest time always won, and the longest throw always won. I like to think of ICS security tools in a similar way.

alienvault

The Power of Community to Fight COVID-19 Cyber Threats

Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead in their efforts to lure victims by playing on their fears.

ioncube24

Weekly Cyber Security News 3/4/2020

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. In these strange times certain platforms have gained increased popularity, Zoom being one appears to have attracted a lot of attention and not just from it’s users. Both sides of infosec have taken a bite. The news appears to be changing rapidly as Zoom react and deal with it. What is really true about the claims?

nnt

How to Maintain and Monitor Audit Logs in the Wake of COVID-19

The coronavirus outbreak has become a real global pandemic affecting hundreds of millions of individuals and organizations across the world. Many governments have advised residents to avoid non-essential social contact and travel, a concept recently coined ‘social distancing’. For safety reasons, most organizations have also advised their employees to work remotely from home and have taken steps to allow users remote access who would not normally have the ability to do so.

Gravity: Running Cloud Applications in Remote, Restricted and Regulated Environments.

Gravity is an application delivery system that lets engineers deliver and run cloud-native applications in regulated, restricted, or remote environments without added complexity. Gravity works by putting applications and all their dependencies onto a single deployable file, which can be used to create hardened Kubernetes clusters that can reliably and securely run in any Linux environment: edge, multi-cloud, private cloud, on-prem, and air-gapped.
egnyte

Working Anywhere With Egnyte: Organization Guide

Maximizing productivity from a remote environment, particularly if it’s a new arrangement, can be a multifaceted challenge. Enabling employees to plan out their time, optimize their workspace, and minimize distractions are all important, but another key part of ensuring continuity from anywhere is finding ways to be digitally organized, using the tools at their disposal to label, organize and secure content even outside of your organization’s four walls.

alienvault

Here is why your healthcare provider cannot accept Venmo payments

Are you using Venmo to send and receive payments? People use Venmo for everything, and in these times when no one wants to handle actual money for fear of spreading infection, Venmo is a brilliant idea. Of course, the difference between Venmo and other mobile payment applications is that Venmo adds a social networking component to its process. While this makes things very easy for transacting payments, it creates some serious privacy concerns.

tripwire

Zoom promises to improve its security and privacy as usage (and concern) soars

What’s happened? Well, Coronavirus 2019 (COVID-19) happened. Okay, smart alec. I know about that. What else is going on? Well, because so many people are (wisely) staying at home, they’re using videoconferencing and chat technology like Zoom to keep in touch with friends, family and colleagues. In fact, Zoom says that daily usage has soared from approximately 10 million daily meeting participants in December 2019 to over 200 million today. Zoom must be pleased. I’m sure they are.

upguard

CyberGRX vs RiskRecon Comparison

Outsourcing, digitization, and globalization have led to new products and services, increased specialization, lower costs, and better access for customers and organizations alike. They've also introduced significant cyber risk, particularly the risk of unintended data exposure in the form of a data breach or data leak. In fact, a recent study by the Ponemon Institute and IBM put the average cost of a data breach at $3.92 million.

upguard

Whistic vs UpGuard Comparison

Outsourcing, digitization, and globalization have created new products and services, increased specialization, lowered costs, and improved access for customers and organizations alike. The downside is they've introduced cyber risk. Particularly the risk of data breaches and data leaks. In fact, a recent study by the Ponemon Institute and IBM put the average cost of a data breach at $3.92 million.

bearer

Add Retries to Your API Calls

Whether you're making API calls from Node.js or in the browser, connection failures are going to happen eventually. Some request errors are valid. Maybe the endpoint was wrong or the client sent the wrong data. Other times you can be sure that the error is the result of a problem with the connection to the server or one of the many hops in-between. While API and web service monitoring can inform you about the problem, a more active solution can take care of it for you.

alienvault

The foundation of a Zero Trust architecture

Organizations have placed a lot of time, effort and capital spend on security initiatives in an effort to prevent security breaches and data loss. Even the most advanced “next generation” application layer firewalls filtering malicious traffic at the network perimeter has only revealed equal if not greater threats within.

tripwire

We're All Remote Here: Videoconferencing Securely

The current pandemic has certainly shown the utility of electronic collaboration tools such as videoconferencing platforms. Once an expensive perk of solely enterprise companies, the video call is now used not only for executives remotely attending board meetings but also for the following... At the moment, it’s important for public health that everyone stays distant from one another.

siemplify

How Cybercriminals Are Actively Exploiting the Coronavirus/COVID-19 Crisis

Security researchers around the world have their work cut out for them keeping track of malicious scams and campaigns surrounding the coronavirus. Cybercriminals are unabashedly pulling out all the stops to take advantage of a weary (and largely remote-working) public to spread malware, siphon sensitive information, hold critical systems hostage and line their coffers with ill-gotten gains.

netacea

Uncovering Bots in eCommerce Part One: Carding

No one wants to be a victim of payment card fraud, yet more of us are falling foul to the myriad of techniques used by hackers to steal payment card information and use it for their own gain. To mitigate this malicious activity, it is vital that eCommerce sites apply security measures that protect consumers and sellers alike from carding and other major bot threats.

netskope

Next Gen SWG Use Case #3 - Web Filtering and Coaching Users on Acceptable Use

This is a series of articles focused on Next Gen SWG use cases. This is the third in a series of six posts. In my recent blog, I continued my blog series covering the most common use cases our customers are addressing with our Next Gen Secure Web Gateway (SWG). Next up is web filtering and coaching users on acceptable use. If you are a seasoned pro when it comes to SWGs, your eyes may be rolling already.

detectify

Top 12 tips every pentester should know

In 2020, both big and small companies alike are embracing pen-testing as a solution to ensure the quality and availability of their mission-critical communication systems and data storage. Detectify Crowdsource is our private bug bounty community that’s powering our automated web security scanners to protect 1000s of security teams.

Webinar on Key to Effective Cloud Security in 2020

Cloud migration challenges Few applications don’t work well on cloud-like how they work on-premises, IT leaders need to figure out cloud migration failures in such instances as it could be due to poor latency, compliance challenges or security concerns. Due to the higher cost of cloud people generally think applications will work well however it is not the case as few applications won’t work well on the cloud that is why it is important for managers to rethink their strategies.

Streamlining Security to Fuel Innovation

Virtually every business in the world relies on software to keep their competitive edge. At the same time, application vulnerabilities are escalating, and data breaches-how to prevent, plan and recover from them-are common C-suite conversations. This paper discusses how a risk-based approach to vulnerability orchestration across applications and infrastructure empowers organizations to critically assess their security with real data, bringing them closer to truly secure DevOps with well-aligned security, operations and development teams.

CISOs: Best Practices to Understand, Communicate and Manage Risk

What's your company's risk appetite and overall security posture? CISOs now not only have to communicate to IT and your peers, but you have to effectively understand your company's risk appetite. This paper outlines best practices to help you effectively identify, manage and communicate risk.