Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Is Slack Secure? Vulnerabilities and Solutions

Slack has become one of the most integral platforms for businesses over the last decade, with more than 12 million users currently active. Despite its popularity, however, there are some Slack security concerns that linger from the platform’s 2015 security breach. Here’s what you need to know about Slack security and how to protect your sensitive information on the platform.

Adversary emulation with Prelude Operator and Elastic Security

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.

New Devo report shows organizations how to embrace the cloud for better security outcomes

Devo recently published a new research report Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, based on a survey conducted by Enterprise Strategy Group (ESG). ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe. The survey took place in the first quarter of 2021. This is the first in a series of posts about the report.

Data privacy laws drive urgency to create a data security strategy

With the introduction of more data privacy laws, companies can use a data security strategy and framework to help them achieve better compliance. This is the second post in a data protection blog series that addresses how organizations can better protect their sensitive data. This blog post addresses data privacy laws, frameworks, and how organizations can create their own data security strategies and frameworks to achieve compliance with today’s data privacy laws and standards.

Five worthy reads: Confidential computing - The way forward in cloud security

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In light of rising concerns over cloud cybersecurity, this week we explore the concept of confidential computing. The past year has seen strong adoption of cloud technologies due to accelerated digital transformation and a cloud-first approach in business.

Penetration Testing: A How-to Guide for Enterprises

Penetration testing is the cornerstone of any cyber security strategy, yet enterprises often don’t get an optimal outcome from their pen test engagements. In this blog I’ll be looking at the three main reasons behind this, and also suggesting an alternative way of working that could vastly improve security outcomes whilst also increasing business value.

Proprietary vs Open Source: Which Software is Better for Your Company Security? (Webinar Cuts)

Proprietary and open source security products each have their own benefits. Proprietary products often have a smaller learning curve which can lead to more efficient learning and operational practices. Open source products can be deployed by anyone without the need for licenses and/or commitments which is ideal for organizations that rely on a wide range of third parties to provide services and products.