October 2020

alienvault

What is Smishing? SMS phishing explained

SMS phishing, or “Smishing,” is a mobile phishing attack that targets victims via the SMS messaging channel rather than through email. A natural evolution of the phishing phenomenon, smishing attacks attempt to dupe mobile users with phony text messages containing links to legitimate looking, but fraudulent, sites. These smishing sites try to steal credentials, propagate mobile malware, or perpetrate fraud.

netacea

Are Bots Slowing Down Your Website?

Bad bots are disrupting your website performance, reducing performance and speed. Bot activity, both good and bad, affects all industries including retail, online gambling and gaming and streaming. In our blog we discuss the detrimental impact of bots to your website performance and subsequently, the customer experience, with advice for detecting and mitigating bad bot activity.

netacea

Could a Flurry of Interactions Be Skewing Your Metrics?

APIs served as part of web and mobile applications are vital to enabling customers to interact with your business. However, it’s important to understand the impact on your business when these APIs are used in new, non-standard and potentially unintended ways. While APIs are usually written and intended for use with certain frontends (i.e. web application or mobile app), they are served publicly on the internet and are open to inspection by any interested party.

nightfall

The Fintech Sector is Under Cyber Attack - Here's How Companies Are Protecting their Data

Fintech companies – those that offer technology to support the banking and personal finance industry – are increasingly at risk of cyberattack. After healthcare, fintech is the second most frequently attacked industry, according to Alissa Abdullah, senior vice president of cybersecurity technology at Mastercard. Fintech News found that 27% of attacks target banks or healthcare.

netskope

Beware of Google Docs Spam

Netskope Threat Labs is warning users to be careful of spam messages being shared via Google Docs. The spam messages come in the form of a comment on a document or presentations and are sent by [email protected]. Both the comment and the document link the user to a spam or scam website. Because the messages are sent by Google Docs, it is likely that your spam filters do not detect and block these messages. In fact, docs.google.com may be explicitly allowed by your spam filters.

ioncube24

Weekly Cyber Security News 30/10/2020

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. Once again the impact of this COVID pandemic claims another. Cast your minds back to earlier in the year (or was it last year now – feels like it) with the sudden burst in use of Zoom and House Party causing all sorts of issues.

Install Veracode for VS Code to Run IDE Scans

In this video, you will learn how to install the Veracode for VS Code extension. The Veracode for VS Code extension is available from the Visual Studio Marketplace. The Veracode IDE Scan finds security defects in your code in seconds so you can fix the findings directly in your IDE. Veracode for VS Code is an extension to Visual Studio Code, which performs a Veracode IDE scan at the file level, and supports JavaScript, TypeScript, and C#.

logsentinel

Why Are SIEMs Expensive?

SIEM (Security Information and Event Management) systems have a reputation for being expensive. And that’s generally correct – they can cost hundreds of thousands per year or have huge upfront costs. But why is that? There are several main reasons: All of this is changing. According to Gartner, SIEMs are going to the mid-market and these things don’t hold true there.

sqreen

Extending security visibility beyond the network layer: Sqreen's October release

Yesterday, we hosted the first Sqreen Summit, where we shared our vision for unparalleled visibility in application security, demoed the latest feature releases from Sqreen, and chatted with Jason Montgomery, VP of Security at Datarobot and one of our Sqreen design partners. We also had a great breakout session on the changing role of the security engineer with Jacolon Walker, former CISO and security engineer at OpenDoor, Collective Health, Palantir, and others.

xona systems

Cybersecurity & Remote Workers: How to Protect Your Data & OT Infrastructure

Even before the Coronavirus pandemic created an environment ripe for bad actors to exploit, cybersecurity was a top priority at many companies. Most industries identified cybersecurity as a serious threat to their business continuity and longevity. Since the onset of COVID-19, 75% of business leaders view cybersecurity as a top priority while navigating the new normal. It’s easy to see why.

inetco

What is Security Information and Event Management (SIEM), and how is it evolving?

Halloween is tomorrow, and do you know what that means? For starters, it means you can dance under the rare blue moon. A full moon visible for all time zones on Earth hasn’t happened since 1944, and won’t happen again until 2039. It also means you can don a costume and be anything you like. Kind of like a fraudster, that assumes a new persona every time there is a payment fraud attack.

stackrox

StackRox + AWS + Kubernetes - A look inside our Security Hub integration

StackRox partners with AWS on many fronts, in large part because so many StackRox customers run our platform in their Amazon Elastic Kubernetes Service (EKS) environments. As the world’s most popular managed Kubernetes service, EKS – like all other AWS services – operates under a shared responsibility model for security.

alienvault

Vulnerability scanning vs. Penetration testing: comparing the two security offerings

It’s no secret: the number of security vulnerabilities organizations must contend with is overwhelming. According to a 2019 Risk Based Security report, there were 22,316 newly-discovered vulnerabilities last year. One Patch Tuesday disclosed a record number of 327 vulnerabilities in a single day. Just keeping up is becoming a monumental task. But knowing where and how your organization may be vulnerable is critical to maintaining a healthy security posture.

synopsys

How to make the future IoT more secure

IoT security begins with building secure software. Learn how to embed security into your SDLC to avoid becoming an easy target for hackers. In this, the final week of 2020’s National Cybersecurity Awareness Month, the focus is the future of connected devices. And some things about that future are pretty easy to predict. There will be more devices—billions more.

veracode

A Software Security Checklist Based on the Most Effective AppSec Programs

Veracode’s Chris Wysopal and Chris Eng joined Enterprise Strategy Group (ESG) Senior Analyst Dave Gruber and award-winning security writer and host of the Smashing Security podcast, Graham Cluley, at Black Hat USA to unveil the findings from a new ESG research report, Modern Application Development Security.

Veracode State of Software Security Vol. 11

Veracode, the largest global provider of application security testing (AST) solutions, announced the State of Software Security (SOSS) Volume 11 revealing 76% of applications contain at least one security flaw and fixing those flaws typically takes months. This year’s analysis of 130,000 applications found that it takes about six months for teams to close half the security flaws they find. Watch as Veracode's Chris Eng and Tim Jarrett break down the key findings from SOSS 11, with specifics on what's within developers' control as they seek to improve the security of their applications.

WhiteSource

Top Tips for Getting Started With a Software Composition Analysis Solution

You’ve purchased a software composition analysis solution, and you’re excited to start scanning. Before you do, read our top tips for getting started with WhiteSource. Following some basic guidelines ensures your implementation gets off on the right foot.

logsentinel

Free Ebook: SIEM for Work From Home Security

The number of cyberattacks has increased five-fold after COVID-19, as the pandemic brought new opportunities to cybercriminals. At this rate, cybersecurity threats are estimated to cost the world US $6 trillion a year by 2021. Since remote working became “the new normal”, it also became a growing gateway to new forms of data theft and as a result, companies face significantly increased risk of cyber-attacks and data breaches.

logsentinel

Alert Fatigue And Automation Fatigue

Alert fatigue is a well-known phenomenon with security products – the security team gets a lot of alerts (from the SIEM, for example), it tries to triage and act upon all of them, but at some point, they are so many and so few of them are actual threats, that the security team just ignores them. And that leads to both overworked security teams and an increased risk for missing an actual threat. Why is that happening? It’s hard to tweak a system right, no matter how flexible it is.

devo

3 Ways SOC Automation Can Reduce Analyst Burnout

The 2020 Devo SOC Performance Report™ presents security professionals’ responses to a variety of survey questions related to people, processes, and technologies within their security operations center (SOC). One of the more interesting topics in the report is the role security automation technologies can play in improving SOC performance and alleviating analyst stress caused by overwork and performing repetitive, mind-numbing tasks, which can lead to analyst burnout.

alienvault

What is endpoint detection and response? EDR security explained

As recent global health events have changed the world, the cybersecurity landscape has changed along with it. Almost all organizations — large or small — have seen their attack surface grow. For those unfamiliar with the term, an attack surface represents the sum total of all the ways in which a bad actor can exploit an endpoint or network to retrieve data. Every endpoint that connects to or communicates with the network is part of the network attack surface.

alienvault

LokiBot Malware: What it is and how to respond to it

The Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security recently announced that activity in LokiBot, a form of aggressive malware, has increased dramatically over the last two months. The activity increase was discovered by an automated intrusion detection system referred to as EINSTEIN, which the Department of Homeland Security uses for collecting and analyzing security information across numerous government agencies.

tripwire

5 Essential Steps to Improve Cybersecurity Maturity

From small- and medium-sized organizations to large enterprises, every business is under continuous threat of security risk in today’s digital world. With the growing digital footprint and cloud adoption, organizations continue to experience sophisticated cyberthreats that hold the potential to disrupt business continuity. A vast majority of these threats can go undetected, or they can be detected too late for an organization to avoid the exposure and the associated risks.

netwrix

What Is Password Spraying, and How Can You Spot and Block Attacks?

In 2019, a data heist at Citrix shook the cybersecurity world. The attackers stole business documents from a shared network drive and from a drive associated with a web-based tool used in Citrix’s consulting practice. The hackers gained this access to Citrix’s IT infrastructure through a password spraying attack, a technique that exploits weak passwords, leading to criticism that the software giant needlessly compromised its clients by failing to establish a sound password strategy.

synopsys

CyRC analysis: Circumventing WPA authentication in wireless routers with Defensics fuzz testing

Three WPA authentication bypass vulnerabilities were found in wireless routers using the Defensics fuzz testing tool. WPA3 will become a mandate for all new wireless devices, which can only be a good thing considering the number of vulnerabilities found in WPA2 implementations. Learn about the basic concepts (and common weaknesses) of WPA authentication, how these vulnerabilities work, and how proactive fuzz testing can identify and address similar issues in WPA implementations.

detectify

Discover latest security vulnerabilities in minutes with Detectify

25 minutes. That’s how long it took to bring high severity security vulnerabilities to Detectify Asset Monitoring customers from the moment they were discovered. On a more technical side, our Security Researchers, led by Tom Hudson, implemented a high priority vulnerability test to detect an Arbitrary File Read in VMware vCenter, and released it into production in this record time.

zeronorth

How to Appease the Gods of Compliance Without a Human Sacrifice

Halloween is here, and while trick or treating may be cancelled because of the ongoing pandemic, the basics of the celebration remain the same: pumpkins, costumes, kids amped up on sugar. That said, the origins of Halloween are rooted in Samhain, an ancient Celtic festival marking the end of the harvest season. Festival goers would slaughter animals and throw them into bonfires in an attempt to appease the dead.

logsentinel

SIEM: What Is SIEM, How It Works, and Useful Resources

SIEM stands for Security information and event management. This technology has existed since the late 1990s. Traditional SIEM has been joined by a broad use log management technology that focuses on collecting various types of logs and events for different purposes, such as: SIEM vendors usually provide different combinations of functionalities to offer the benefits listed above.

lookout

Lookout and Verizon Committed to Protecting Small Businesses with the Launch of Business Mobile Secure

Our mission has always been to secure the mobile experience and for many in our current climate, that means protecting employees as they work from home. Verizon recently announced the launch of Business Mobile Secure, a full security solution designed specifically for small and medium business customers with Lookout mobile security at the helm of the bundle’s modern endpoint protection offerings.

teleport

How to Set Up an SSH Jump Server

In this blog post we’ll cover how to set up an SSH jump server. We’ll cover two open source projects. Both of these servers are easy to install and configure, are free and open-source, and are single-binary Linux daemons. An SSH jump server is a regular Linux server, accessible from the Internet, which is used as a gateway to access other Linux machines on a private network using the SSH protocol.

stackrox

KubeLinter: open source YAML linter / HELM linter for K8s

Today, I’m excited to announce the launch of KubeLinter, a new open source project from StackRox! KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. Scroll down to watch a video overview of KubeLinter.

alienvault

Duped, deluded, deceived: How disinformation defrauds you

The rise of social media has no doubt been one of the major revolutions of the 21st century. It’s brought about a whole new way for people to connect and share information with others, regardless of their geographical locations. But along with these more noble intentions of social media, there will always be abuse of these platforms – and one of the big ones is the spread of disinformation.

tripwire

How Containers Support the IT-OT Convergence

The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations were in the early stages of an IT-OT convergence. Some said their organizations were embracing this meeting more fully. This finding begs several questions. Why are IT and OT converging?

tripwire

4 Considerations for a Secure Cloud Environment

Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled from 7% in 2018 to 20% a year later. This growth made cloud services the third most-targeted environment after corporate and e-commerce at 54% and 22%, respectively. These trends highlight the need for organizations to secure their cloud environments.

nightfall

Commit Code Confidently with the Nightfall DLP CircleCI Orb

Nightfall Data Loss Prevention (DLP) is now available as a CircleCI orb. CircleCI orbs are reusable snippets of code that help automate repeated processes, speed up project setup, and make it easy to integrate with third-party tools. With the Nightfall DLP orb, you can scan for sensitive items and prevent developers from accidentally committing sensitive information. We’re excited to announce our launch with CircleCI and share what you can do with the Nightfall DLP orb.

netskope

Introducing Advanced Analytics

Every organization is adopting the cloud, but there are some companies that are reaping a larger number of benefits from cloud transformation than others. Making an effort to adopt the cloud is simply not enough to realize the benefits. The organization that prepares for efficiently managing risk will be able to capture a larger percentage of the benefits than one that has not.

bearer

Using Real-User Monitoring to Understand API Performance

In our previous article we talked about Synthetic Monitoring—a technique used to automate the testing and monitoring of resources by performing simulated user interactions and API calls. Now we're going to look at a complementary technique called real-user monitoring which takes a more passive hands-off approach.

cyberint

njRAT Rising - The Increase in Activity of the Remote Access Trojan

First identified as active in November 2012, 'njRAT', also known as 'Bladabindi' or 'Njw0rm', is a well established and prevalent remote access trojan (RAT) threat that was initially created by a cybercriminal threat group known as 'Sparclyheason' and used to target victims located in the Middle East. Undoubtedly following the source code leak, reportedly in May 2013, njRAT has become widely available on the cybercriminal underground with numerous variants being released over the years.

detectify

Web Cache Entanglement - Novel Pathways to Poisoning

Each year we anticipate new research from James Kettle at the annual Black Hat USA event and he’s become known for his web cache research. This year he announced Web Cache Entanglement – new techniques to exploit web cache poisoning. We’ve previously covered his work concerning web cache poisoning and HTTP request smuggling which is intriguing for any software engineer to know about. This article will briefly highlight the main points about Web Cache Entanglement.

lookout

Cybersecurity is not complete without EDR for mobile

We just recently unveiled the industry’s first mobile endpoint detection and response (EDR) solution. This is an industry game changer as we are providing the same tools the Lookout security researchers use to hunt for novel threats to our customers to investigate cyberattacks. If you want to learn more about how we did it, I strongly encourage you to read our Chief Strategy Officer Aaron Cockerill’s blog on the announcement.

alienvault

Mobile device security explained

With recent global health events resulting in a surprise shift to an either completely remote or hybrid remote workforce for many organizations, the need to leverage mobile devices as work endpoints has grown significantly. This has created challenges for IT in maintaining both the ability to manage a wide range of devices, as well as securing them in a way that achieves corporate security objectives and governance.

alienvault

Observations from the digital trenches

When AT&T Incident Response Consultants first engage a client during a ransomware incident, the situation is often very chaotic. The client's ability to conduct business has stopped; critical services are not online, and its reputation is being damaged. Usually, this is the first time a client has suffered an outage of such magnitude. Employees may wrongly fear that a previous action is a direct cause of the incident and the resulting consequences.

tripwire

How to Best Secure the Industrial Network for EMEA Organizations

You don’t have to search very far in the news to see stories of websites being hacked and customer details being stolen. Stories about incidents involving industrial control systems (ICSes) and operational technology (OT) environments aren’t so common. But they are prevalent. Just the other week, for example, an airline company sent out an email letting me know that their database had been hacked and that my travel details might have been taken.

nightfall

Protecting data in Snowflake is easy with Nightfall's API platform

Ever since Snowflake burst onto the scene in 2014, the company and the software has been massively influential in how we all think of storing and accessing data. Snowflake reached new heights in September when they launched their IPO — at 28 million shares and $3.4 billion raised, it’s the largest software IPO in history. The higher financial profile and cash influx means Snowflake can expand its reach even further.

netskope

The Future of Security and The Inevitability of Remote Working

By this time in 2020, you’re probably well past the panic of pandemic cybersecurity. The “New Normal” isn’t very new anymore and what was once perceived as short term crisis management of security is looking more like a long term solution. As we look ahead, it’s important to look at what we’ve learned from this situation, as security professionals and how we can apply that to the long road we still have ahead of us.

cygilant

The Business Case for Cybersecurity-as-a-Service

Look no further than the almost daily cybersecurity threats and attacks on businesses to know that cybersecurity should be at the top of every organization’s priority list. Yet, for small and medium-size businesses (SMBs) it seems to always slip down the list because cybersecurity is viewed as a sunk cost rather than an important business enabler.

cyphere

Red Team vs Penetration Testing - Which one is the right choice for your business?

Whether it’s a security assessment, a vulnerability scan, a red team or a pen test – What’s common? To identify issues and mitigate them from an organizational risk perspective. This article is aimed at weeding out various confusions from the reader’s mind. Stock up your caffeine, we are going to cover these areas under this topic.

veracode

Announcing the 11th Volume of Our State of Software Security Report

Today, we released the 11th volume of our annual State of Software Security (SOSS) report. This report, based on our scan results, always offers an abundance of insights and information about software vulnerabilities – what they are, what’s causing them, and how to address them most effectively. This year is no different. With last year’s SOSS Volume 10, we spent some time looking at how much things had changed in the decade spanning Volume 1 to Volume 10.

tripwire

Australia Proposes Security Law to Protect Critical Infrastructure Against Cyber Attacks

The Australian Government is committed to protecting the essential services all Australians rely on by uplifting the security and resilience of critical infrastructure. Increasingly interconnected and interdependent critical infrastructure is delivering efficiencies and economic benefits to operations.

outpost 24

NSA list: what you need to know about the top vulnerabilities currently targeted by Chinese hackers Part 2

In our previous blog we covered the first 10 of the NSA vulnerabilities currently targeted by Chinese hackers; here are the remaining ones, again demonstrating the predictive power of our risk based vulnerability management tool Farsight.

netwrix

Security Analytics

As cybersecurity threats evolve, companies must adapt and rethink their security strategies. This means moving away from traditional technologies and towards new cybersecurity frameworks. One such framework is the NIST cybersecurity framework, which comprises five major functions: These five functions are the pillars of a well-rounded and effective cybersecurity strategy that is designed to improve a company’s capacity to counteract threats.

nightfall

5 Tips for Training Non-IT Employees on Cybersecurity

In June, one research study found that the pandemic caused just over 40% of the entire US workforce to work from home full-time. Many businesses made the quick decision to allow employees to work remotely, scrambling to provide IT resources and remote-work tools on the fly. Now, many enterprises are doubling down and allowing employees to work from home for the foreseeable future.

netskope

10 Takeaways About the Impact of 2020's Uncertainty on Security

This week Netskope hosted our annual executive briefing with the US Embassy in London, converted, in common with many events this year, into an online webinar. We wanted to take the opportunity to consider what impact this year’s unprecedented changes and uncertainty were having on the cybersecurity landscape.

upguard

Docker vs VMWare: How Do They Stack Up?

This is a clash of virtualization titans: one virtual machine, the other a containerization technology. In reality, both are complementary technologies—as hardware virtualization and containerization each have their distinct qualities and can be used in tandem for combinatorial benefits. Let’s take a look at each to find out how they stack up against each other, as well as how the two can be used in tandem for achieving maximum agility.

veriato

The Importance of User Behavior Analytics

There’s no question that cybercrimes are a growing problem for businesses in the United States. A cyberattack can cost a business about $200,000 on average. Sadly, many businesses that are targeted cannot recover from the financial effects of a cyberattack. In fact, it’s estimated that 60% of targeted companies go out of business within six months of the attack.

bearer

Synthetic Monitoring

Testing uptime, response time, and other performance metrics in applications can take a few different shapes. One common technique is an approach known as synthetic monitoring. This form of performance monitoring doesn't rely on real users interacting with a service, and instead uses automated tools to mimic interactions. Then, the results are recorded and parsed just like other solutions.

logsign

Must-Have Features of a Modern SIEM

Initially, Security Information and Event Management (SIEM) solutions were readily adopted because of their capability to provide actionable insights into the deep corners of an organization’s network. Legacy SIEM systems helped in understanding when and where security incidents are happening in real-time. Soon enough, these SIEM systems faced an avalanche of false positives, and they required a dedicated team to filter out irrelevant alerts.

logsentinel

Using SIEM for Simplifying SOX Compliance

The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications. To prove the integrity of financial data, companies must extend audit processes to the financial information stored within corporate databases.

alienvault

SPAM text messages vs SMiShing and defending against it

Businesses want to connect to their users and meet them where they are. One growing way to communicate to them is through text messages including providing coupons, recent news, and other marketing materials. When these marketing efforts are unwanted by the customer, this is when they cross the line into the SPAM category. SPAM has taken many forms throughout history such as junk mail in your mailbox and robocalls.

tripwire

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites. The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username.

outpost 24

NSA list: what you need to know about the top vulnerabilities currently targeted by Chinese hackers Part 1

This week NSA published a list of the top 25 vulnerabilities that Chinese hackers are actively exploiting, and unsurprisingly the list included some of the most prominent CVEs that we’ve covered in our previous risk based vulnerability management blogs.

netacea

The evolution of bots: generations 1, 2 & 3

Bots are evolving dramatically and becoming more sophisticated and launching ever more complex and targeted attacks at ever increasing rates. This makes detecting bots more important than ever but also more difficult than ever. Bots of the more recent generations are harder to identify without expert bot detection tooling. These bots could put businesses at risk of exposure to threats such as scraping, carding, and credential stuffing.

netskope

How Netskope NewEdge Takes SD-WAN to the Next Level

With Gartner releasing its latest Magic Quadrant for WAN Edge Infrastructure earlier this month, it seemed an appropriate time to explore the intersection of SD-WAN and SASE. Both of these technological approaches hold great promise and are large, billion-dollar markets, sharing the common goal of connecting users to the data and applications critical to doing their job. The two technologies demonstrate the increasing overlap and tightening linkage between networking and security investments.

ForgeTalks | How to Address Identity Governance Fatigue

Welcome back to another episode of ForgeTalks. This week I met with ForgeRock Senior Director for Product Marketing, Tim Bedard, to discuss how organizations can address their identity governance fatigue. Because of legacy identity governance and administration (IGA) limitations, IT and security teams are exhausted from manually reviewing and approving access requests. These organizations need an identity model that provides visibility into who has access to what and why, eliminating these manual processes.

armo

ContainerDrip - Another Example of Why HTTP Basic Authentication is Flawed

The latest exploit in the series of issues with cloud infrastructure software is called “ContainerDrip” (CVE-2020-15157) and in some cases it can cause you to leak your registry secrets to an attacker. The attack is actually a kind of secret or password leak using request forgery. Your client unintentionally makes an HTTP API request to the attacker’s endpoint where this request contains the container image registry secret.

WhiteSource

Top 10 Application Security Best Practices

Software applications are the weakest link when it comes to the security of the enterprise stack. In The State of Application Security, 2020, Forrester says the majority of external attacks occur either by exploiting a software vulnerability (42%) or through a web application (35%).

idcentral

Indonesia Fintech Market - SWOT Analysis

The limitations of traditional lending solutions create room for innovation via Fintech. Fintech is able to address the challenges that conventional lending providers face by utilising a combination of different business models, technology, and innovative approaches. Indonesia’s fintech market looks like an open bottle of honey to me. The fintech market has grown by 16.3% with total investment in fintech companies reaching $176.75 million in 2019.

Everything You Need to Know About the Evolving Bot Landscape

In 2019 we saw more credential stuffing, sniper and scraper bot attacks targeting websites, mobile apps and APIs alike. The shift in attack vectors and scale of attacks highlights an urgent need for a sophisticated solution that protects businesses and customers from the growing malicious bot threat. Understanding the intent of bad bots vs. humans or good bots is vital as all industries face new challenges in acquiring the necessary visibility of their traffic, and subsequent analysis required for rapid and effective attack response that doesn't sacrifice the user experience.

3 Steps to Better Bot Management

Are you seeing the full picture when it comes to web and application security? Without fast and accurate data at your fingertips from the best bot management, it's increasingly difficult to differentiate human from automated bot traffic on your web-facing applications. Credential stuffing, account fraud and scraping attacks are a multi-billion-dollar business, with the scope for earning made increasingly simple by the vast number of internet users, availability of login credentials and the sheer volume of connected devices.

alienvault

Internet of Things toys are fun but raise privacy and socio-political concerns

An estimated 38 billion devices are connected to the internet this year, highlighting the fact that the Internet of Things (IoT) is not a farfetched futuristic concept, but the reality for most of the modern world. Many of these connected devices are toys that children enjoy, but no matter how fun they may be, challenges have come to the surface due to privacy concerns and socio-political issues pertaining to gender-neutral toys.

tripwire

More Effective Security Awareness: 3 Tips for NCSAM

It’s often said that humans are the weakest link in cybersecurity. Indeed, I’d have a hard time arguing that a computer that was sealed in a box, untouched by human hand, poses much of a security risk. But a computer that is unused has no purpose. It behooves security practitioners to get smarter about how we teach people to use those machines so that both humans and computers can work together to safely accomplish greater things.

ekran

Cybersecurity Compliance in the Education Industry: How to Protect Students' Personal Data

Educational institutions handle tremendous amounts of data and have access to personal, financial, and healthcare information of both students and staff. However, this exposes them to cybersecurity risks. In 2019, the US was hit by multiple ransomware attacks that impacted 89 universities, colleges, and school districts — up to 1,233 institutions were potentially affected.

Application Security Decoded: What It Means For IoT Devices, Security & Privacy | Synopsys

In our new video series, “AppSec Decoded,” Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre (CyRC), sat down with Laurie Carr, blog managing editor at Synopsys, to discuss the future of IoT devices and what it means for security and privacy.
logsign

How to Comply with the NIST Cybersecurity Framework

Since the NIST Cybersecurity Framework is the best solution for better prevention, detection, and response to cybersecurity incidents, various organizations have adopted it to safeguard their IT assets. The 2019 SANS OT/ICS Cybersecurity Survey spells out the NIST CSF as the number one cybersecurity framework in use today. However, it is imperative to consider how we should comply with NIST CSF in 2020 and beyond. Here is some help!

lookout

Mobile EDR for security professionals by security professionals

In case you missed it, Lookout just announced something that I’m super excited about – the introduction of threat hunting and research into the Lookout Security Platform. The reason this is so satisfying is because we are enabling organizations to use the same tools our security analysts have been using for years.

nnt

When Old News is More Dangerous than Fake News: Vulnerability Scan Blind Spots

Out of all the cat videos you could watch, how do you decide which one to view first? The beauty of social media is its real-time, democratic operation. Everyone gets to vote and the content with the most shares is the People’s Choice, rightfully ‘The Best’. But we now know this Facebook-era notion of ‘most popular equals best’ is open to abuse. It turns out that a significant proportion of social media interaction is, in fact, manufactured.

netskope

Announcing Netskope's Upcoming Integration for Splunk Mission Control

Today’s security operations require coordinated efforts from multiple team members, many of whom are in different roles and technology specializations. Complexity inhibits the ability to conduct time-sensitive operations such as incident response. Security engineers and the threat hunters have to be on the same page when it comes to establishing priorities and conducting investigation, across the entire detection & response lifecycle.

upguard

Website Security: How to Protect Your Website Checklist

Putting a website on the internet means exposing that website to hacking attempts, port scans, traffic sniffers and data miners. If you’re lucky, you might get some legitimate traffic as well, but not if someone takes down or defaces your site first. Most of us know to look for the lock icon when we're browsing to make sure a site is secure, but that only scratches the surface of what can be done to protect a web server.

upguard

What is SQL injection?

An SQL injection (also known as SQLi) is a technique for the “injection” of SQL commands by attackers to access and manipulate databases. Using SQL code via user input that a web application (e.g., a web form) sends to its database server, attackers can gain access to information, which could include sensitive data or personal customer information. SQL injection is a common issue with database-driven websites.

cygilant

Cybersecurity Experts Discuss: Enhancing and Augmenting the Analyst

In the final blog in our cybersecurity experts discuss series, we summarize why a SIEM can enhance and augment your SOC analyst. Read what Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint. A modern SIEM can help make a SOC analyst more effective and productive. It should take and leverage all types of different security-related data to perform meaningful analytics.

teleport

Session Control for SSH and Kubernetes in Teleport 4.4

Teleport 4.4 is here! The major innovation we’re introducing in this version is much improved control over interactive sessions for SSH and Kubernetes protocols. We’ll do a deeper dive into session control later, but for those who aren’t familiar with it, Teleport is an open source project. It provides access to SSH servers and Kubernetes clusters on any infrastructure, on any cloud, or any IoT device, anywhere, even behind NAT.

teleport

Teleport 4.4: Concurrent Session Control & Session Streaming

An SSH session can be interactive or non-interactive. The session starts when a computer or human connects to a node using SSH. SSH sessions can be established using public/private key cryptography or can use short-lived SSH certificates, similar to how Teleport works. Organizations often want to know who is accessing the systems and provide a greater level of control over who and when people are accessing them, which is where Teleport 4.4 comes into play.

xona systems

How Remote Operations Capacity Improves Organizational Efficiency

The Coronavirus pandemic is proving to be one of the most disruptive forces of our generation. In addition to being a prolific public health emergency that’s tragically cost the lives of hundreds of thousands of people, the economic implications have been vast and far-reaching. As a result, companies of every size in nearly every sector are contending with a new financial reality.

egnyte

Egnyte Rolls Out New Governance and Compliance Tools for the Remote-work Era

From the beginning, Egnyte was architected so that your content would not have to be “boxed in” to any one single environment, but rather can flow seamlessly up, down, side to side across multiple clouds. There are good reasons for this. Sometimes it makes sense for data to be miles away, while other times it needs to be closer to where users actually are (at the edge), or offline altogether.

Featured Post

Project Management Lessons Learned From Risk Management

While risk management can be draining, it offers crucial lessons that enable managers to implement projects efficiently. If you undertake a thorough risk analysis before any project, you'll identify all the gaps and create mitigation strategies. This way, you'll save time and resources.
alienvault

PSPs vs. OPA Gatekeeper: Breaking down your Kubernetes Pod security options

Organizations are increasingly turning to Kubernetes, but they’re having trouble balancing security in the process. In its State of Container and Kubernetes Security Fall 2020 survey, for instance, StackRox found that 91% of respondents were using Kubernetes to orchestrate their containers and that three quarters of organizations were using the open-source container-orchestration system in production.

tripwire

A Closer Look at the Attempted Ransomware Attack on Tesla

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system with malware.

nightfall

3 Ways to Ensure Your Security Policies Survive the Transition to the Cloud

By 2025 the amount of data stored in the cloud by governments, organizations, and individuals will exceed 75 zettabytes – an estimated 49% of the world’s 175 zettabytes of data at that time. This trend has no doubt been accelerated by COVID, as organizations have been forced to shorten cloud migration timeframes to ensure business continuity during the pandemic.

upguard

What's the Cost of a Data Breach in 2019?

According to the 2019 Cost of Data Breach Report from Ponemon Institute and IBM Security, the global average cost of a data breach has grown by 12 percent in the last five years to $3.92 million. This was driven by the multi-year financial impact of breaches, increased regulation and the difficult process of resolving cyber attacks.

upguard

Full Stack Blues: Exploring Vulnerabilities In The MEAN Stack

Full stack development is all the rage these days, and for good reason: developers with both front-end web development skills and back-end/server coding prowess clearly offer substantially more value to their respective organizations. The ability to traverse the entire stack competently also makes interacting and cooperating with operations and security an easier affair—a key tenet of DevOps culture.

upguard

What is Secure Coding?

A skillful black hat hacker can quickly assume control of your digital products with just a few swift modifications to its coding, and as businesses continue to digitize their processes, this risk of penetration will only multiply. The solution is the adoption of secure coding practices. Secure coding is a method of writing software and source code that's shielded from cyber attacks.

upguard

Which Web Programming Language Is The Most Secure?

The question is indeed a contentious one, never failing to incite heated arguments from all camps. Many ways exist to cut the cake in this regard—WhiteHat Security took a stab at it in a recent edition of its Website Security Statistics Report, where it analyzed statistics around web programming languages and their comparative strengths in security.

upguard

Is DDoSing illegal?

You're woken by your phone erupting with notifications. You drowsily reach for it and find a barrage of messages from frustrated clients complaining about your website. You try to load your website but you're met with a frightful "service unavailable" message. You could be a victim of a DDoS attack. A Distributed Denial of Service attack (DDoS attack) is the process of sending an overwhelming amount of data requests to a web server with the intention of impeding its performance.

upguard

The Windows Server Hardening Checklist

Whether you’re deploying hundreds of Windows servers into the cloud through code, or handbuilding physical servers for a small business, having a proper method to ensure a secure, reliable environment is crucial to success. Everyone knows that an out-of-the-box Windows server may not have all the necessary security measures in place to go right into production, although Microsoft has been improving the default configuration in every server version.

upguard

What is SPF filtering and how do I implement it?

People fall victim to internet scams, not because they're exceedingly credulous, but because scammer efforts are becoming more and more believable. Now, cybercriminals can leverage your hard-earned reputation by sending emails that appear to come from your business. Victims of this spoofing attack could suffer irrevocable reputation damage or get their IP address blacklisted, putting an instant end to all online business activities.

upguard

What is Egregor ransomware? The new threat of 2020

Since stepping into the cybercriminal arena in September 2020, the Egregor group has penetrated over 71 businesses globally, including recruitment giant Randstad and US retailer Kmart. But who is the Egregor group and how have they managed to rise up as a significant cyber threat in just a few short months? Egregor is a cybercriminal group specializing in a unique branch of ransomware attacks.

upguard

What is Netwalker ransomware? Attack methods & important defense tactics

Since ransomware was founded in 1996, many ransomware gangs have attempted and failed to quake the cybersecurity landscape. But some have broken through and even rearranged it with their obfuscatory cyberattack methods. Netwalker ransomware is an example of such a success. Within its first six months of operation, the ransomware gang received more than $25 million in ransom payments. What is Netwalker ransomware and why is it so lethal? To learn more, read on.

upguard

What is Fourth Party Risk?

Every company outsources parts of its operations to multiple suppliers. Those suppliers, in turn, outsource their operations to other suppliers. This is fourth party risk: the risk to your company posed by suppliers' suppliers. Confusing, isn't it? The best way to frame it is with a case study, so please read on! You help look after Information Security at a manufacturing company. Your company has got a policy for everything, including the policy to regularly maintain all the policies.

cygilant

Cybersecurity Experts Discuss: Machine Learning for Security Applications

In a discussion between Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint, we summarize why machine learning and a SOC go hand in hand. Traditional SIEMs offer a rules-based approach as they look for alerts. Because you can easily write a search, it’s very good at picking out known-bad entities. However, there are certain things that can occur which are not so black and white.

synopsys

Get effective DevSecOps with version control

“Version control” sounds a bit like something used by people scattered around the country trying to collaborate on a story. But it’s a crucial part of software development, especially in the DevSecOps era, where you need to ensure that the speed of the CI/CD pipeline doesn’t outrun quality and security. That’s because software development isn’t like an assembly line where a product moves from one group of workers to the next in a perfectly coordinated sequence.

wandera

How to choose a Zero Trust Network Access architecture: Software-Defined Perimeter or Reverse-Proxy?

Zero Trust Network Access (ZTNA) is the next generation access solution that is set to be a key part of IT administrators' toolkits, displacing longstanding Virtual Private Networks (VPN). There are numerous factors and features that need to be considered when choosing the right ZTNA architecture for your organization. In this guide we break down the differences between the two prominent architectures, Software Defined Perimeter (SDP) and reverse-proxy, and how to successfully evaluate them.

logsign

Top 5 Criteria for Selecting a Managed Security Service Provider (MSSP)

Does your organization consider working with an MSSP? Don’t make a commitment before reading our article about how to choose the right MSSP for you! Regardless of the reason why you decide to work with an MSSP, you must be very careful and fastidious when selecting an MSSP for your organization. In this article, we will discuss what you need to consider before making a commitment.

tripwire

3 Zones that Require Network Security for Industrial Remote Access

By now, we have a good understanding of what secure remote access (SRA) is and why organizations might choose to enable it for their OT environments. We also know that securing IT-OT collaboration, leveraging guidance from best practice frameworks and using an automated solution can help organizations to implement this type of access. Even so, we still don’t have a detailed view of how to implement industrial remote access in practice.

tripwire

IoT Devices: Privacy and Security in Abusive Relationships

A few weeks ago, technology news site The Verge reported on a new Ring security camera that is in fact a drone that flies around inside your house. Available beginning next year, the ‘Always Home Cam’ is supposed to give its owners a total view of their home without the need for multiple cameras. Those worried about break-ins or other kinds of suspicious activities may like the idea of being a fly on the wall in any room inside the house, even when they’re away from home.

netacea

How are scalping bots threatening your businesses?

Scalper bots, or inventory hoarding bots, are used to disrupt, manipulate, and steal merchandise much faster than any human can. These malicious bots add products to carts, often products that are in high demand or limited supply. This stock is held in a basket and made unavailable to other prospective buyers. Scalper bots perform this process multiple times, causing significant problems for websites and retailers, by hijacking inventory and reselling the items at a higher price.

cygilant

Cybersecurity Experts Discuss: SIEM Enrichment

Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint discuss why SIEM enrichment is essential to cybersecurity and how it improves your SOC. A mountain of data doesn’t do businesses any good unless it is put to good use. This is why data enrichment is essential.

synopsys

Synopsys' Seeker IAST wins Best Cloud and Web Application Security category at CybersecAsia Awards

Synopsys is proud to announce that Seeker® IAST won the CybersecAsia 2020 award for Best Cloud and Web Application Security. This award underscores Seeker’s position as an industry leader in functionality and capability, offering best-in-class detection, tracking, and monitoring of sensitive data leakages for today’s modern and complex web, mobile, and cloud-based applications.

ioncube24

Weekly Cyber Security News 16/10/2020

It has been an interesting few months for all of us, and perhaps the only ones to have really benefited are the bad guys. With people on the edge for the latest news, and for those countries where governments have quickly set up public health alerting, often quickly with little opsec planning, the doors are open for many opportunities for crooks to cash in – and they have. Needless to say, if you are here, then you probably already know the value of checking before acting, right?

veracode

Watch Here: How to Build a Successful AppSec Program

Cyberattackers and threat actors won’t take a break and wait for you to challenge them with your security efforts – you need a proactive application security (AppSec) program to get ahead of threats and remediate flaws quickly. It’s critical that you stand up an AppSec program covering all the bases, from which roles each team member will have to alignment on KPIs and goals, and even a detailed application inventory to stay on top of your code.

logsign

7 Steps of Cyber Kill Chain

The Cyber Kill Chain offers a comprehensive framework as a part of the Intelligence Driven Defense model. In this article, we will discuss what the cyber kill chain is and what its steps are. Cyber intrusions are the worst nightmare of many of us. That is why many cyber security professionals and developers offer unique solutions for the identification and prevention of cyber intrusion activity. Being one of those developers, Lockheed Martin has brought the Cyber Kill Chain into our lives.

idcentral

Use of Digital Identities to improve consumer experiences

Nowadays I do not need to waste my time fidgeting over what I want to binge watch this weekend because my Netflix seems to know what I would want to see better than me. And I often cringe if people ask me to share my Netflix account with them as that disturbs my suggestion algorithm. Similarly, while ordering from Myntra, it shows me suggestions of products which are available in my size and according to my spending capacity based on my previous buying habits.

alienvault

What is threat modeling?

A lot of cybersecurity terminology can sound complex and esoteric. You may hear defensive security specialists, the people who work to secure computers and their networks, talk about threat models and threat modeling a lot. So what is threat modeling? It’s actually pretty simple, and it’s a concept that can not only be applied to computer security, but also to ordinary people in our everyday lives.

alienvault

CMMC compliance explained: what is the Cybersecurity Maturity Model Certification?

With an escalating cybersecurity threat risk that doesn’t appear to be slowing down, the Department of Defense (DoD) has taken proactive measures in creating the Cybersecurity Maturity Model Certification (CMMC). The CMMC will soon be a requirement for any defense contractors or other vendors that are, or wish to be, working with the DoD.

tripwire

Barnes & Noble warns customers it has been hacked, customer data may have been accessed

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. In the email to customers, Barnes & Noble says that it became aware that it had fallen victim to a cybersecurity attack on Saturday October 10th.

outpost 24

Fix now: High risk vulnerabilities at large, October 13th

This time around, the MySQL vulnerabilities caught our attention because of their low CVSS scores compared to their high likelihood risk rating. This is something we see often when working with our customers, and demonstrates how a risk based approach to vulnerability management changes as organizations focus on where there is a real risk of compromise.

nightfall

Add DLP to Airtable with Nightfall's API platform

Airtable has proven its staying power among tech unicorns as a customizable and collaborative project management platform that empowers users to track literally anything at work or at home. When the company announced its $185 million Series D funding in September, they generated a whole new round of buzzworthy headlines. For security leaders, this means that new requests for adding Airtable to tech stacks are likely on the way.

cygilant

Cybersecurity Experts Discuss: Data is King

We recently spoke with Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint on 10 steps to cybersecurity. Here we summarize their conversation on why data is king. The volume of data we must analyze to stay secure is substantially increasing. At the same time, the tooling and systems that support cybersecurity are not increasing at the same rate.

synopsys

Making SCA part of your AST Strategy

Open source software is now used in nearly every organization, which makes it critical to know your code. Learn how an SCA tool can help you. There’s an ongoing sea change in how developers ensure a more secure software development life cycle (SDLC). “Shift left” is the notion that creating high-quality software begins with planning and continues through the development and testing stages to actual deployment.

calligo

Calligo joins the Top 100 of the Growth List 2020, Canada's fastest-growing businesses

For the first time, Calligo has been included in the official ranking of Canada’s fastest-growing businesses, entering the Top 100 at its first attempt, ranked 84th overall and the 9th highest IT company. The Growth List 2020 is based on the five-year revenue growth of Canada’s top private and public independent companies.

WhiteSource

Be Wise - Prioritize: Taking Application Security To the Next Level

As the number of known vulnerabilities continues to grow every year, software development and application security teams are increasingly relying on vulnerability detection tools throughout development. The result: teams are often overwhelmed with a steady stream of security alerts that must be addressed, and it’s becoming clear that it’s impossible to attempt to fix everything.

wandera

Remote access evolved: Wandera Private Access

For Wandera the year started with a new brand and a new direction, using our strengths as security experts to establish a circle of trust. Security leaders were telling us that establishing trust was becoming a major challenge for their business, especially when remote users and highly sensitive, data-rich corporate resources were involved.

teleport

How to Set Up Kubernetes SSO with SAML

Kubernetes has some impressive baked-in role based access controls (RBAC). These controls allow administrators to define nuanced permissions when querying Kubernetes resources, like Pods, Deployments, ReplicaSets, etc. For those familiar with Kubernetes, the value of RBAC is immediately recognizable. A single Kubernetes cluster can contain your organization’s entire CI/CD pipeline, highly available SaaS products, or infrastructure that is in the process of being moved to the cloud.

stackrox

6 Kubernetes Security Use Cases You Must Prioritize

Organizations are rapidly moving their Kubernetes applications to production to accelerate feature velocity and drive digital transformation and business growth. Our latest State of Kubernetes Security survey report shows that companies have standardized on Kubernetes, and this rapid adoption offers equal parts promise and peril. Promise, in the form of infrastructure that enables far greater inherent security than ever before.

egnyte

The Journey to 7X Search Performance Improvement

Egnyte is used by our customers as a unified platform to govern and secure billions of files everywhere. As the amount of data stored is huge, customers want to search their dataset by metadata attributes like name, user, comments, custom metadata, and many more, including the possibility to find files by content keywords. Taking all of that into consideration, we needed to provide a solution that is able to find relevant content in a fast and accurate way.

alienvault

Penetration Testing Services: what to look for in a pen test provider

These days computers and the software that operates upon them touch practically every part of our professional and personal lives. The information they store, process and transmit is the foundation upon which businesses are built, how customer experiences are delivered, and how we find the best takeout food in our immediate area. So why is it so hard to keep them highly secure?

tripwire

UAE's Information Assurance Regulation - How to Achieve Compliance

For years, the United Arab Emirates (UAE) has committed itself to adopting information technology (IT) and electronic communication. The UAE’s Telecommunications Regulatory Authority (TRA) noted that this policy has made the state’s government agencies and organizations more efficient and has improved the ability of individuals to collaborate around the world.

siemplify

How to Automate a Ransomware Response in 5 Steps

As if organizations are not under enough pressure from ransomware purveyors, Check Point estimates that ransomware attacks have roughly doubled in the United States over the past three months, due in part to the shift to remote working which has increased phishing opportunities and exposed new gaps in corporate IT infrastructure. And the situation has become even more distressing with the U.S. government now threatening fines to victims who pay the cyber extortionists’ demands.

Siemplify Security Operations Platform Overview

Watch as we take you on a high-level tour through the world's leading independent SOAR platform and how it enables security analysts and engineers to work more efficiently and effectively. Discover how the platform provides integrations to hundreds of security and IT tools and ready-to-deploy use cases, yet goes beyond orchestration and automation to provide a complete platform to manage security operations from end to end, from patented threat-centric alert grouping all the way to an integrated crisis management portal.

bearer

What You Need to Know About Unofficial APIs

Some APIs provide data we benefit from. Others are hooks into an ecosystem that our users find valuable, and others provide features that are difficult to build. What happens when we need access to data that users expect, but an API doesn’t exist? Maybe you’re building an automotive application that would benefit from pulling driving statistics from the user’s car, but the manufacturer’s API is private.

cygilant

Cybersecurity Experts Discuss: Balancing People and Process

Two cybersecurity experts recently discussed balancing people and process. Read what Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint have to say. While your modern cybersecurity SOC and SIEM must be process driven, it also needs to be talent-led. You have a constant balancing act between people and process. Don’t neglect your people.

logsign

Three stages of IT security where you can implement CARTA (Continuous Adaptive Risk and Trust Assessment): Run, Plan, Build

CARTA (Continuous Adaptive Risk and Trust Assessment) is a novel and efficient approach to IT security that aims to offer additional context for cybersecurity professionals when they are making a decision. Keep reading to learn more! CARTA (Continuous Adaptive Risk and Trust Assessment) was introduced in 2017 by Gartner. Being around for only 3 years, CARTA offers a strategic and efficient approach to IT security.

stackrox

The U.S. Department of Defense - A Role Model for DevSecOps

Several years ago, few would have thought that a government agency would be at the forefront of application development tooling and processes, daring the civilian world to keep up with their shift-left knowhow. But that’s exactly what’s happening in the U.S. Department of Defense, which is implementing the Enterprise DevSecOps Initiative to enable agencies to increase the warfighter’s competitive advantage by developing applications more rapidly and securely.

DIY Guide to Open Source Vulnerability Management

You've realized you need to do a better job of tracking and managing your open source as well as the vulnerabilities and licenses associated with it. How hard can vulnerability management be? Do you really need special tools? After all, the license and vulnerability information is publicly available. Once you get a list of open source components and do some Google searching, you should be all set, right?

alienvault

What is search engine clickbait and how do hackers trick Google's crawlers?

Search engine optimization (SEO) works with algorithms to ensure that the most relevant and most popular webpages show up first in an internet search. SEO makes sure that the best websites get the biggest boost. However, SEO has a lesser-known, evil twin called black hat SEO. This term refers to a common trick of cybercriminals. Black hat SEO is meant to circumvent algorithms, exploit weaknesses, and create fraudulent links.

nightfall

Nightfall DLP enables customer-centric data security for one of the largest movie-ticket retailers

Just when a company thinks they’ve seen it all in cybersecurity, new challenges in data protection keep security leaders on their toes. One of the largest movie-ticket retailers discovered a need to protect sensitive data that could be shared across their productivity tools.

ForgeTalks | Citizen Identity & Access Management

Welcome back to another episode of ForgeTalks! All around the world public sector organizations are trying to provide better and more secure digital experiences for their citizens. Here at ForgeRock, we believe that digital identity can help enable these experiences. With the rise of security breaches, online services, remote citizen and workforce user demands, digital transformation is a must. In this week's episode of ForgeTalks, I was joined by Tommy Cathey, ForgeRock RVP for Public Sector, to talk about citizen identity and access management.

cygilant

Cybersecurity Experts Discuss: Process, Process, Process

In our next post featuring Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint, we discuss the power of process in keeping your business secure. A modern SOC is 100% process driven. You can’t wait until there is an emergency to work out how you’ll respond. You need to have planned and prepared in advance. That means keeping cybersecurity healthy with continual improvements within your technology, processes, and people.

zeronorth

The Joy of Secure DevOps Demands More Cooks in the Kitchen

In many ways, the DevOps process looks a lot like cooking for a large dinner party—with very short notice. DevOps requires the right blend of technical acumen, automated processes and tools to shorten development cycles and cut costs, empowering developers to serve up high-quality applications (or delicious entrees and desserts) in record time. Just like cooking, DevOps is a methodology that encourages experimentation.

lookout

Lookout partners with Google to deliver Zero Trust and BeyondCorp vision for mobile devices

Productivity suites have changed the way we work. With the advent of cloud productivity platforms, tablets and smartphones have become an integral part of our work and personal lives. At any time, we are one tap away from accessing the same content as our desktop computers. In some ways, mobile devices have replaced those traditional devices as our main productivity tool. To borrow a line from a current ad campaign for tablets – “your next computer is not a computer.”

nnt

5 Key Processes & Controls to Maximize Cybersecurity Effectiveness

As of late, cybersecurity has come to the forefront of the I.T. Industry, and is one of the key functions of any organization. This article will discuss 5 key processes and potential controls you should implement in order to maximize the effectiveness of your cybersecurity efforts, leading to an all-around secure environment.

egnyte

Cloud Content Governance: Egnyte's Data Security Framework

Are our systems secure? Is our valuable content safe? These are tough questions to tackle when news headlines regularly bombard us with messages of cyberattacks and security breaches. Centrify, a zero-trust and privileged access management provider, reported that 71 percent of business decision-makers are concerned that the move to remote working creates a significant increase in the risk of cyberattacks.

tripwire

Shared Responsibility and Configuration Management in the Cloud: SecTor 2020

A number of high-profile data breaches have resulted directly from misconfigured permissions or unpatched vulnerabilities. For instance, the 2017 Equifax breach was the result of exploiting an unpatched flaw in Apache Struts allowing remote code execution. More recently, the Capital One breach last year stemmed from a misconfigured web application firewall. Verizon’s 2020 DBIR reported that only hacking was more prevalent than misconfiguration errors as the culprit of data breaches.

Managing Compliance & Security In A Remote World

There are many advantages to having employees working from home, but there also seems to be significant challenges regarding data security, privacy, and compliance. How can we address these issues? Best practices for securing remote devices; maintaining compliance when employees work remotely; addressing additional risks caused by the COVID-19 Pandemic; regaining visibility into your mobile workforce using technology.

synopsys

Are you ready for ISO SAE 21434 Cybersecurity of Road Vehicles?

The goal of ISO SAE 21434 is to build upon functional safety standard ISO 26262 and provide a framework similar to it for the entire life cycle of road vehicles. The major components of this new standard include security management, project-dependent cyber security management, continuous cyber security activities, associated risk assessment methods, and cyber security within the concept product development and post development stages of road vehicles.

logsign

What is MITRE ATT&CK Framework?

If you are in IT and/or cybersecurity, you must have heard of the MITRE ATT&CK framework at least once, but do you actually know what it is? Keep reading to learn! The ATT&CK network was developed by the MITRE Corp roughly seven years ago to offer crucial information, support and threat tactics to those who work in cyber security. The ATT&CK framework is a living document that grows and gets updated every day.

The 5 Biggest Security Operations Trends Shaping Today's MSSP

While opportunity has never looked brighter for MSSPs, they are still under obligation to solve the very security challenges so many enterprises and SMBs count on them for, all while recognizing that each client environment requires unique attention. This is no easy feat, especially as competition grows and customer expectations become more exacting.

tripwire

Deepfake Voice Technology Iterates on Old Phishing Strategies

As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities, making the threat of attacks increasingly difficult to both prepare for and defend against.

tripwire

How Cybersecurity Leaders Can Understand the Value of Their Organization's Security Solutions

Information Security leaders have to demonstrate the value and purpose for each solution that’s purchased and prove the solution that was chosen is doing the job it was procured to do. Executives are therefore requiring Information Security leaders to prove the value of the solutions in ways they understand. They need to see the value not in security metrics but in dollars and cents.

Featured Post

Container Inspection: Walking The Security Tightrope For Cloud DevOps

Containers are at the forefront of software development creating a revolution in cloud computing. Developers are opting for containerization at an impressive rate due to its efficiency, flexibility and portability. However, as the usage of containers increases, so should the security surrounding it. With containers comprising many valuable components, it is of the utmost importance that there are no vulnerabilities exposed when developing applications, and risks are mitigated before containers, and their contents, reach the end-user.

nightfall

4 Ways CASBs Differ from Cloud DLP

CASBs have traditionally been a popular option for enterprises seeking to secure their data. Both Gartner and Forrester predict that cloud security will continue to be a growing market through the end of 2023. Gartner projections foresee a 20% increase in CASB usage at large enterprises by 2022, while according to Forrester, cloud security will become a $112.7B market by 2023.

Why Should You Care About Bots?

Humans have become a minority of internet users, with automated bot traffic accounting for more than half of all internet traffic. The bots are becoming more sophisticated as they seek to evade detection. This webinar will reveal the true extent of the bot problem and what you can do to solve it with a pioneering approach to bot management, powered by machine learning that identifies even the most sophisticated bots by their behaviour.

The Future of Cyber Security Manchester: What Are Bot Attacks?

Netacea's General Manager, Nick Baglin, talking about a new approach to bots and account takeover at The Future of Cyber Security Manchester 2019. This presentation will reveal the true extent of the bot problem and what you can do to solve it using behavioural machine learning that identifies even the most sophisticated bots.

Fighting back at bots with Scott Helme

Humans have become a minority of internet users, with automated bot traffic accounting for more than half of all internet traffic. However, most businesses do not know the composition of their web traffic, or what that traffic is doing on their websites. A trillion-dollar cyber-crime business has been born out of this environment, at the expense of organisations around the world. As the cyber threat grows, the internet is becoming increasingly unfair and driving businesses to spend roughly $88bn on cybersecurity, with this figure predicted to increase by 1,200% to $1tn in 2021.

When robots strike: The hidden dangers of business logic attacks

When organisations consider how to protect their web applications from attacks, they often focus on security scans and pen tests to identify technical security flaws. While this is absolutely correct, there is another risk that often remains undetected until it is too late: business logic attacks.

Uncovering Bots in eCommerce Netacea Webinar

Up to 40% of traffic to an eCommerce site consists of automated bot traffic, but many eCommerce sites lack the visibility required to accurately identify human traffic vs. good and bad bots. Watch the webinar recording and hear from guest speakers from leading eCommerce organizations who discuss what bots mean for them in 2020, the challenges facing technology leaders and their approaches to managing bot traffic.

veriato

Employee PC Monitoring Software

You never have to wonder about what your employees are doing during work hours again. With Veriato, the most robust PC monitoring software on the market, you can monitor every digital move your employees make, regardless of whether they are working in the office or at home. It’s never been easier to keep track of your employees’ digital activity thanks to Veriato.

cygilant

Cybersecurity Experts Discuss: Plan Your Use Cases

In our fourth post featuring Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint, we summarize why you need to plan your cybersecurity use cases. Whether you are launching a new cybersecurity program or looking to improve your existing one, a SIEM should play a large part in its success. However, it’s important to start small. Don’t get a SIEM in place and simply turn on every dashboard or alert rule on the first day.

calligo

GDPR Staff Awareness Training

When it comes to protecting your organization from IT security threats and cyberattacks, your staff are one of your biggest vulnerabilities. For data protection and data privacy compliance, it is no different. On May 25, 2018, the General Data Protection Regulation (GDPR) was passed by the European Union (EU). It imposes strict data protection obligations on any organization that targets and/or collects data of EU citizens.

logsign

Best Practices for Security in SSH

Secure Shell (abbreviated as SSH) is a network protocol that aims to offer an extra layer of protection. In this article, we will discuss how you can ensure the security of your network using SSH. Keep reading to learn more! With the advancements in technology, many business processes we carry out today rely heavily on the internet, online tools and connected devices.

The DevOps Guide to Appsec

Web app attacks remain the #1 vector exploited in successful breaches. With agile development, apps run the risk of creating new vulnerabilities or perpetuating old ones on a weekly, daily, even hourly basis, so security and risk managers need to step up a programmatic response. Fortunately, there's a new, collaborative model for Appsec that organizations can operate in a mostly automated manner. Download our useful DevOps guide and learn how best to operationalize security testing in an agile process.

10 AWS Best Security Practices Guide

More and more companies choose to migrate to a Cloud infrastructure to take advantage of new resources, elastic storage power and agile deployment. Nevertheless, IT professionals are not always trained to secure these new technologies. Like traditional infrastructures, a public Cloud infrastructure service requires the implementation of security measures and controls by its users. Enterprises must adapt their security policy to these new technologies to reap the Cloud benefits without increasing their cyberattack exposure area.

nightfall

Nightfall Data Loss Prevention makes HIPAA Compliance Possible

Covered entities bound by law to follow HIPAA regulations – like healthcare providers, health plans, and others handling protected health information (PHI) – need to demonstrate efforts to secure PHI. The specific measures required to do so are detailed in the HIPAA security rule which states that covered entities must put controls into place to identify and protect against anticipated threats to the security and integrity of PHI.

netskope

You Can Run, But You Can't Hide: Detecting Malicious Office Documents

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Malware families such as Emotet, IcedID, and Dridex use Office documents as their primary distribution mechanism. Several recent Emotet attacks used a novel approach to sending email baits and hosted the malicious documents in cloud apps to increase their success.

ForgeTalks | What are Containerized Directory Services?

Welcome back to another episode of ForgeTalks. This week we tackle how to help organizations prepare for unexpected spikes in consumer demand. I sat down with ForgeRockers Jeff Carpenter, director of product marketing and Ludovic Poitou, director of product management, to discuss the importance of scalability for millions of identities. They explained how our Containerized Directory Services can help you handle massive transaction volumes and millions of identities at thousands of transactions per second.

cygilant

Cybersecurity Experts Discuss: Frameworks & MITRE ATT&CK

Ben Harrison, Director SOC and Security Services, Cygilant and Jake McCabe, CISSP, Presales Director, LogPoint continue their discussion on modern SOC and SIEM by discussing frameworks. There are many examples of cybersecurity frameworks, including NIST and ISO 27001, which provide a roadmap for organizations to protect themselves and their customers. The majority of these frameworks include SIEM, log management, and security detection.

calligo

Microsoft 365 vs G Suite - Who to trust with your data privacy

Microsoft 365 (formerly known as Office 365) and G Suite are two of the most prominent cloud-based business productivity tools available. With so much increased demand for accessible cloud-based platforms, choosing between Microsoft 365 vs G Suite has never been a more prevalent decision for business owners and IT managers. But also data protection officers (DPOs).

zeronorth

How ZeroNorth is driving the DevSecOps revolution for the good of software

Where software was once on the sidelines of organizational success, today it is front and center—with businesses under more pressure than ever before to deliver more software, at greater speed, with better quality. But as the DevOps movement has accelerated to address these challenges head on, and the processes for developing software have become more distributed, responsibility for securing these applications has splintered.

veracode

5 Lessons About Software Security for Cybersecurity Awareness Month

October is cybersecurity awareness month, and this year, the overarching theme is “Do Your Part. #BeCyberSmart.” When considering what “cybersmart” means in application security, we realized we unearthed some data this year that made us a little cybersmarter and could help other security professionals and developers increase their AppSec smarts as well. We’re sharing those data gems below.

The Devil's in the Dependency: Data-Driven Software Composition Analysis

We all know that lurking within even the most popular open source packages are flaws that can leave carefully constructed applications vulnerable. In fact, 71% of all applications contain flawed open source libraries, many (70.7%) coming from downstream dependencies which might escape the notice of developers. Using graph analytics and a broad data science toolkit, we untangle the web of open source dependencies and flaws and show the best way for developers to navigate this seemingly intractable game of whack-a-mole.

WhiteSource

Eclipse SW360: Main Features

Over five years ago, Adrian Bridgwater wrote a Forbes article pronouncing that “If Software Is Eating The World, Then Open Source Will Chew It Up (And Swallow).” That statement is just as true today. Open source components have become a basic building block for software developers, providing them with ready-made solutions from a vast community that help them keep up with today’s speedy and frequent release cycles.

nnt

Change Management's 'Dirty Little Secret'

Change Management is blind. It is a key IT Service Management process and, undeniably, it's beneficial to plan and schedule changes. But Change Management’s ‘dirty little secret’ is that, despite the comfort blanket of documentation and approvals, you never know what’s really going on. You have no idea what was actually changed, either during the Change Window or at any other time.

Sponsored Post
eventsentry

Validating your IT environment, discovering browser extensions & more with EventSentry v4.2

This latest update to EventSentry improves your security posture with validation scripts, simplifies IT troubleshooting for both administrators and users, gives you visibility into installed browser extensions along with many other usability improvements in the web reports.

alienvault

Get smart and stay safe: Best practices to protect you from digital financial fraud

The past two years have seen a 391% rise in fraudulent attempts that target digital transactions around the world. The research carried out by TransUnion also saw a specific increase of 347% in relation to account takeover so the average consumer needs to up their understanding of financial fraud risks. When data breaches and cyberattacks occur, it impacts society in various ways like lowering consumer trust and damaging foreign politics.

tripwire

How Tripwire Custom Workflow Automation Can Enhance Your Network Visibility

Tripwire Enterprise is a powerful tool. It provides customers insight into nearly every aspect of their systems and devices. From change management to configuration and compliance, Tripwire can provide “eyes on” across the network. Gathering that vast amount of data for analysis does not come without challenges. Customers have asked for better integration with their processes and third-party tools.

tripwire

Achieving Compliance with Qatar's National Information Assurance Policy

Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s GDP measured at purchasing power parity (PPP) to over 132,886, per Global Finance Magazine’s findings in August 2020.

netacea

The Most Disruptive Black Friday Outages of 2019

Major eCommerce businesses experienced technical difficulties on their websites during Black Friday 2019. And this isn’t something retailers can afford, when Black Friday is traditionally the day retailers roll out their biggest online discounts. As Black Friday approaches, many websites will see a spike in traffic which means an increase in bot activity. Are bots hiding in your holiday traffic?

ekran

Data Protection Compliance for the Insurance Industry

Insurance companies are desirable targets for cyber attackers because they work with sensitive data. To ensure the safety of customers’ personal information, insurance companies have to follow strict data protection requirements. These requirements oblige companies to implement the best cybersecurity practices or face considerable fines for non-compliance. In this article, we discuss data protection compliance for insurance companies and how to safeguard customer data.

cygilant

Cybersecurity Experts Discuss: Demonstrable Customer Security Value

These four words embody a modern SOC and security service. Security is a game of trust and reputation. All SIEM and SOCs must demonstrate customer security value to instill confidence. Your service and tools must offer a monthly heartbeat and flexibility to deliver what customers want from security in a format they can consume.

logsign

Data Management on Logsign SIEM: What you must know

Log data plays an unparalleled role in the operation and functioning of a SIEM solution. Or in other words, logs are intrinsic for an effective SIEM solution. Without incoming log data from a variety of different sources in your IT infrastructure, a SIEM essentially becomes useless. In our previous posts, we have explored a variety of features of Logsign SIEM concerning dashboards, reports, search queries, alerts, and behavior definitions.

sqreen

Local File Inclusions, explained

When building a web application, developers must focus on both user functionality and user security. A single security issue can have a dramatic impact on the credibility of your organization and the security of your users. Server-side scripting languages, like PHP and JavaScript, use inclusions to open files. An “inclusion” refers to dynamically loading a file that your application needs.

egnyte

How to Safely Collect and Store Patient Data

With telemedicine, cloud storage, and electronic record-keeping on the rise, patient data has found itself a common target for hackers. As a result, healthcare organizations must adapt and become even more diligent in their protection of sensitive patient and financial data. Fortunately, the right technology and protocols can minimize your risk of attack and help keep your patient data secure. This post covers the most important security factors for collecting and storing patient information.

redscan

A guide to the OWASP Top 10 Web Application Security Risks

Recognised by developers and security professionals around the world, the OWASP Top Ten outlines key vulnerabilities which affect web application security. It was created by the Open Web Application Security Project (OWASP), a not-for-profit foundation which supports organisations to improve the security of their web applications. First published in 2003, the Top 10 is updated every three years, with OWASP currently accepting submissions to help produce the next iteration of the framework.

netskope

It's All About Access: Remote Access Statistics for Public Cloud Workloads

“The more things change, the more they stay the same.“ In the recent Equinix breach in September 2020, 74 RDP servers were exposed to the Internet. Any publicly exposed ports are a risk but remote access protocols such as RDP have had their share of critical vulnerabilities (e.g., BlueKeep in 2019).

bearer

How Your Business Can Benefit From Card Issuing APIs

FinTech isn't new, but the reach of its usefulness continues to spread into unexpected areas. One such area is card issuing. Card issuing is the ability of financial institutions to issue debit or credit cards—either physical or virtual. This might not seem like much, but when combined with new business needs and consumer trends we start to see interesting use cases crop up.

cygilant

Cybersecurity Experts Discuss: Doing the Basics Well

In a series of blogs, we cover why a modern SIEM and SOC are essential in fighting today's cyber threats. Here is a summary from a discussion between Ben Harrison, Director SOC and Security Services, Cygilant and Jake McCabe, CISSP, Presales Director, LogPoint. The cornerstone of a modern SOC and modern SIEM is that the basics are not forgotten. The essence of good security is doing the basics well.

synopsys

The BSIMM: Five key steps to a better software security initiative

If you care about software security—and you should, since to be in business today means that no matter what you do or produce, you’re also a software company—you should be interested in the Building Security In Maturity Model (BSIMM). It can serve as a roadmap to better security.

styra

Using Open Policy Agent to safeguard Kubernetes

Open Policy Agent addresses Kubernetes authorization challenges with a full toolkit for integrating declarative policies into any number of application and infrastructure components. As more and more organizations move containerized applications into production, Kubernetes has become the de facto approach for managing those applications in private, public and hybrid cloud settings.

alienvault

Insider threats: What are they and how to prevent them

Companies need to establish a secure system to avoid insider threats and other online issues that could destroy a business. There are different online threats that businesses face every day. The most common of these is the phishing attack, where the victim accidentally clicks on an unsafe link and logs in. Other commonly known threats to businesses are malware, ransomware, weak passwords, and insider threats. Most of these online attacks are due to what is known as insider threats.

tripwire

Zerologon: Tripwire Industrial Visibility Threat Definition Update Released

Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10—the most critical rating of severity. Zerologon is a vulnerability that affects the cryptographic authentication mechanism used by the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory.

tripwire

File Integrity Monitoring (FIM): Your Friendly Network Detective Control

Lateral movement is one of the most consequential types of network activity for which organizations need to be on the lookout. After arriving at the network, the attacker keeps ongoing access by essentially stirring through the compromised environment and obtaining increased privileges (known as “escalation of privileges”) using various tools and techniques. Attackers then use those privileges to move deeper into a network in search of treasured data and other value-based assets.

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks.

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks with PJ Norris, Senior Systems Engineer. Shares new research; shows common mistakes; offers solutions that help with hardening and compliance in the cloud.

synopsys

Announcing Polaris support for GitHub Actions

Security and development teams are increasingly adopting DevOps methodologies. However, traditional security tools bolted onto the development process often cause friction, decrease velocity, and require time-consuming manual processes. Manual tools and legacy AppSec approaches limit security teams’ ability to deliver the timely and actionable security feedback needed to drive improvements at the pace of modern development.

veracode

Veracode Makes DevSecOps a Seamless Experience With GitHub Code Scanning

Developers face a bevy of roadblocks in their race to meet tight deadlines, which means they often pull from risky open source libraries and prioritize security flaws on the fly. In a recent ESG survey report, Modern Application Development Security, we saw that 54% of organizations push vulnerable code just to meet critical deadlines, and while they plan for remediation on a later release, lingering flaws only add to risky security debt.

logsign

SIEM Alerts Best Practices

Security Information and Event Management (SIEM) tools play a vital role in helping your organization in discovering threats and analyzing security incidents. Logsign’s internal team continuously makes correlation rules and alerts so that your team’s workload is minimized. In our previous posts, we discussed generating important reports and deriving maximum possible benefits from use cases. In this article, we will be discussing SIEM alerts best practices.

tripwire

Zero Trust Architecture: What is NIST SP 800-207 all about?

“Doubt is an unpleasant condition, but certainty is an absurd one.” Whilst I claim no particular knowledge of the eighteenth-century philosopher Voltaire, the quote above (which I admit to randomly stumbling upon in a completely unrelated book) stuck in my mind as a fitting way to consider the shift from traditional, perimeter-focused ’network security’ thinking to that of ‘ZTA’ (Zero Trust Architecture.)

alienvault

Deep packet inspection explained

Deep packet inspection (DPI) refers to the method of examining the full content of data packets as they traverse a monitored network checkpoint. Whereas conventional forms of stateful packet inspection only evaluate packet header information, such as source IP address, destination IP address, and port number, deep packet inspection looks at a fuller range of data and metadata associated with individual packets.

tripwire

Ransom Payments Could Result in Civil Penalties for Ransomware Victims

Victims of ransomware attacks could potentially receive civil penalties for making ransom payments to a growing list of threat actors. On October 1, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) revealed that it could choose to impose civil penalties on ransomware victims who make ransom payments to malicious actors whom it has designated under its cyber-related sanctions program.

nightfall

Industry Watch: How the Pandemic is Changing Cybersecurity

The pandemic has touched virtually every aspect of life, and cybersecurity is no different. A new threat intelligence and cybersecurity status report from Microsoft shows how businesses around the world are changing their approach to cybersecurity to protect user data and systems as more and more teams work remotely. Here’s how the pandemic has changed cybersecurity, and what your business can do differently to protect your data as the situation evolves.

nightfall

Secure Customer and Employee Data with Nightfall's Data Loss Prevention

It’s estimated that more than 27 billion records were exposed in the first half of 2020, despite the decrease in number of reported breach events from 2019. This trend of data breach events is becoming more severe with the average cost and size of a data breach increasing year over year. The severity of modern data breaches presents a serious risk to companies looking to protect the data of stakeholders such as customers and employees.

nightfall

Protect credentials and secrets with Nightfall DLP

Sensitive data like credentials and secrets are in constant danger of exposure, and this is especially true in the cloud. Due to the highly collaborative and always-on nature of cloud services, they tend to be environments where security best practices are hard to enforce without either lots of time and effort or automated controls.

upguard

Bitbucket vs GitHub [Updated for 2020]

If you boil it down to the most basic difference between GitHub and Bitbucket, it is that GitHub is focused around public code and Bitbucket is for private. GitHub has a huge open-source community and Bitbucket tends to have mostly enterprise and business users. Bitbucket vs GitHub: Two of the largest source code management services for development projects, offering a variety of deployment models from fully cloud-based to on-premise. Historically, they have taken different approaches to private vs.

wandera

Why enterprise VPN is being targeted by criminals

Gone are the days when attacks were orchestrated to earn credibility within the hacker community. According to the 2020 Verizon Data Breach Report, over 80% of breaches are financially motivated. Cybercriminals use attacks that will have the most impact, seeking the easiest way to get the most reward. VPN services are both easy to exploit and the attacks can have large returns.

logsign

Logging of security events in SIEM

Effective logging of events and activities in an organization’s technical infrastructure exponentially boosts the capabilities of its SIEM solution. In this article, we explore how logs are leveraged in a SIEM solution. First off, log entries can be helpful for multiple purposes such as security, performance analysis, troubleshooting, etc. Considering the size of a modern enterprise’s IT technical infrastructure, monitoring the network alone is not a favorable approach.

egnyte

Securely Growing Sales with Egnyte and Salesforce

When a company was directed by its board to grow revenue, the sales process badly needed to be improved. Hiring new sales staff simply is not enough, and rarely cost-effective. Confronted with this big task, sales teams and IT teams look for a solution that works with their existing ecosystem of tools. When seeking to revamp their sales processes, many companies face so many options that they don’t know where to start.

tripwire

What to do first when your company suffers a ransomware attack

For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals. There’s no magic wand that can make a ransomware attack simply disappear with no impact at all on an organisation, but you can lessen the problem by carefully following tried-and-trusted steps in the immediate aftermath of an attack.

nightfall

Nightfall's Data Loss Prevention Stops Cloud Data Exfiltration

Data exfiltration — the risk of your data ending up somewhere it doesn’t belong — remains one of the greatest data security concerns. This risk is only worsened by the fact that as companies migrate their data into the cloud, they struggle to maintain the visibility needed to ensure their data remains secure.

netskope

The Future of Work: Enabling the Not-so New Normal

At this point in the pandemic, you’re probably tired of everyone referring to remote working as “the new normal.” Large companies like Facebook, Google, and Twitter have already announced that they will be working from home until the end of 2020 at the earliest, or as far out as August 2021. So, if these companies are any indication, we will all still be working from home for the foreseeable future.

upguard

What Are Cloud Leaks?

It seems like every day there’s a new incident of customer data exposure. Credit card and bank account numbers; medical records; personally identifiable information (PII) such as address, phone number, or SSN— just about every aspect of social interaction has an informational counterpart, and the social access this information provides to third parties gives many people the feeling that their privacy has been severely violated when it’s exposed.

upguard

FireEye vs Fortinet for Continuous Security

How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.

cygilant

Happy National Cybersecurity Awareness Month

Happy October! Did you know that October is National Cybersecurity Awareness Month (NCSAM)? In fact, this is the 17th year that the Cybersecurity and Infrastructure Agency (CISA) and the National Cybersecurity Alliance (NCSA) have joined forces to help raise awareness about the importance of cybersecurity to businesses. This year’s theme, “Do Your Part. #BeCyberSmart” is a great reminder for both individuals and organizations to own their role when it comes to cybersecurity.

zeronorth

Don't Look Now but National Cybersecurity Awareness Month (NCSAM) is Here

This month marks the 17th anniversary of National Cybersecurity Awareness Month (NCSAM), a joint effort between industry, government and the public to raise awareness about the importance of keeping sensitive information safe and secure online. Sixteen years is a long time. If NCSAM was a teenager, it would be allowed to drive in most states!

veracode

96% of Organizations Use Open Source Libraries but Less Than 50% Manage Their Library Security Flaws

Most modern codebases are dependent on open source libraries. In fact, a recent research report sponsored by Veracode and conducted by Enterprise Strategy Group (ESG) found that more than 96 percent of organizations use open source libraries in their codebase. But – shockingly – less than half of these organizations have invested in specific security controls to scan for open source vulnerabilities.

veracode

Hot off the Press: Veracode Named a 2020 Gartner Peer Insights Customers' Choice for AST

Veracode has been officially recognized by Gartner Peer Insights as a 2020 Customers’ Choice for Application Security Testing. The report includes Veracode’s aggregate score of 4.6 out of 5 stars out of 95 independent customer reviews (as of July 31, 2020), and of the reviewers, 92 percent said that they would recommend Veracode’s AST solutions. Veracode, the largest global provider of application security (AST) solutions.

WhiteSource

Why Manually Tracking Open Source Components Is Futile

Open source is everywhere. Everyone is using it. Open source code is found in almost every proprietary software offering on the market and is estimated to make up on average 60%-80% of all software codebases in 2020. Why the proliferation? Open source libraries help developers write code faster to meet the increasingly shorter release cycles under DevOps pipelines. Instead of writing new code, developers leverage existing open source libraries to quickly gain needed functionality.

sqreen

From ManoMano: How do we detect vulnerabilities in our Web Applications?

Spotting vulnerabilities in your Web App before they get exploited by an attacker is definitely a complex problem. Different technologies have been introduced in the market to ease the work of security software engineers – SAST, DAST, and RASP. Those tools intervene in different states of the pipelines, and run different checks, but they all share the same purpose: detecting security vulnerabilities while minimizing the number of false positives.

idcentral

Digital Transformation - A key tenet of business resilience strategy in 2020

If 2020 were to be described in one word, then I would call it unpredictable or uncertain. There was a time when hand-crafted was preferred, but as nature showed its real face, untouched by hands became highly appreciated. Amidst all these changes, businesses had to build a business resilience strategy. In the wake of the pandemic, business resilience strategies adopted by companies are the superheroes saving the falling GDP. They say the best angle to approach a problem is a Try-angle!

stackrox

Four Container and Kubernetes Security Risks You Should Mitigate

Faster application development and release, quicker bug fixes, and increased feature velocity are three of the most often cited benefits of containerization. However, when security becomes an afterthought, you risk diminishing the greatest gain of containerization – agility. Rolling out an application that hasn’t passed a security assessment puts the business at too great a risk.

stackrox

EKS vs GKE vs AKS - Evaluating Kubernetes in the Cloud

We are now six years past the initial release of Kubernetes, and it continues to be one of the fastest-growing open-source projects to date. The rapid development and adoption of Kubernetes has resulted in many different implementations of the application. The Cloud Native Computing Foundation (CNCF) currently lists over 100 certified Kubernetes distributions or platforms. To ensure some consistency between platforms, the CNCF focuses on three core tenets ;

Wireless Security: Internet of Evil Things

We surveyed over 200 security professionals at the 2020 RSA conference to delve deeper into the dangers of rogue access points and understand how security professionals are tackling wireless security. Our data highlights their main concerns and the key trends from IT and network security professionals on the wireless security frontline. Key findings in the 2020 Internet of Evil Things report: Download the 2020 IoET Report to uncover valuable wireless security insights to help protect your organization's network airspace in the future.

PSD2 & API Security

The second Payment Services Directive (PSD2) is a data-driven legislation introduced by the European Union (EU) in 2015, with which all payment service providers (PSPs) throughout the EU and beyond must comply. PSD2 expands the scope of 2007's PSD, a directive implemented to make payments across borders as easy, secure and inexpensive as domestic payments. However, a short eight years later, innovations in technology and the prevalence of fintech have created new challenges for the payments industry to address.

Achieve PCI DSS Compliance With Seeker

More than 11.5 billion records with sensitive information were breached between January 2005 and January 2019 (PrivacyRights.org). If your business stores, processes, or transmits cardholder data, it's imperative that you implement standard security procedures and technologies to prevent the theft of this sensitive information. Start by ensuring you're in compliance with the technical and operational requirements set by the Payment Card Industry Data Security Standard (PCI DSS).

Best Practices for Reducing Web Services and API Risks in M&A

Just like most software assets contain open source, modern software applications commonly link to external web services via APIs. But developers using web services might not have a suitable agreement to do so, and they may be inadvertently signing their companies up to terms of service. This white paper covers the types of risk associated with web services and how they can affect an M&A transaction.