May 2021


Data Loss vs. Data Leaks: What's the Difference?

Data loss refers to the unwanted removal of sensitive information either due to an information system error, or theft by cybercriminals. Data leaks are unauthorized exposures of sensitive information through vulnerabilities on the digital landscape. Data leaks are more complex to detect and remediate, they usually occur at the interface of critical systems, both internally and throughout the vendor network.

Working From Home - Is It Safe? (Cybersecurity Roadmap Webinar Cuts)

It is no secret that cybersecurity has grown in importance, especially in a work-from-home world. During this webinar, we review several important security solutions and hires to add to your 2021 roadmap, as well as tips on how to defend the need for them in front of senior management or the board.

How can eCommerce portals make shopping secure?

ECommerce security protects your company and customer data from cyber-attacks and malicious bots. As an eCommerce business owner, you must ensure that all data is handled securely to avoid a breach. Poor eCommerce security can have many negative impacts on a business. Customer trust relies on great customer experience, and when customers enter their personal details into your website, they expect it to be protected.


An Introduction To Cloud Security Posture Management (CSPM)

Many organizations are equipped to handle insider threat and external, common well-known challenges (like malware, for instance). These so-called “intentional” threats can be addressed through proactive security measures and best practices. But what about the unintentional risks that come with operating in a cloud-first environment? Unintentional mistakes, such as misconfiguring cloud infrastructure, can be equally devastating.


How to Comply with CPS 234 (updated for 2021)

Prudential Standard CPS 234 Information Security (CPS 234) is an APRA prudential standard. Australian Prudential Regulation Authority’s (APRA) mission is to establish and enforce prudential standards designed to ensure that, under all reasonable circumstances, financial promises made by its regulated entities are met within a stable, efficient, and competitive financial services sector.


The Colonial Pipeline ransomware attack and the reported demise of DarkSide

On Friday, 7th May, the organisation confirmed that a ransomware attack had forced it to shut down all its IT infrastructure – an infection attributed to the DarkSide cybercrime gang. However, just one week later, amid reports that a ransom of around $5 million had been paid out, DarkSide announced that it had stopped operating entirely.


Complete Cyber Security Jargons by Appknox

Cyberattacks are getting common and their impact is quite severe. Security breaches are no longer limited to a few large tech companies. Cybercriminals have rapidly altered tactics and started targeting several Small and Medium Enterprises (SMEs) as well. Today, companies, big or small, are targets of ransomware, viruses, malware, bots etc. Hence, it is important to understand some of the common cybersecurity keywords or jargon.


Asymmetrical threats in Cybersecurity

Security and defense theory are inextricably entwined. Consider medieval castles. They were designed as a defensive mechanism that provided security to those within, most of whom were simply civilians hiding behind the walls for protection from invaders. Within cybersecurity, multiple concepts from defense and war theory can be applied to better address the cyber risks facing organizations. In fact, the term Bastion Host refers to a Bastion which has very militaristic connotations.


How mob programming and sourcing jams activate collaboration at Detectify

Collaboration Rules is a company core value and at the heart of Detectify. It drives innovation and productivity in our organization, and activates our ability to build products to drive the future of internet security. Two of the methods we use for collaborating are Mob Programming in Engineering and Sourcing Jams in the Talent Acquisition team. At Detectify, collaboration is the way forward, and let’s dive into these use cases and our learnings.


Do you need a DPA from subprocessors?

When it comes to GDPR compliance, contracts are some of the most powerful tools you have to show to regulators. They allow you to receive legal guarantees from your service providers and third parties that protect you from liability in the event of a breach in compliance. You aren’t off the hook for everything, but at the very least you won’t be liable for negligence.


Shift-Left Testing: What It Is and How It Works

If your development team isn’t yet using shift-left testing, you could be wasting time, money, and energy. Teams that practice shift-left testing are able to identify potential roadblocks early in the process, change scope when needed, and improve design to avoid buggy code. When a bug does occur, it can be identified and dealt with quickly so as not to impact the project later on. Shift-left testing proposes to help agile teams become more agile.


How secure is your Magento website?

There are more than 250,000 merchants using the Magento open commerce platform around the world, resulting in millions of users accessing a Magento website every day. That was before the Covid-19 pandemic hit and drove a colossal surge in online activity and, unsurprisingly, consumers significantly exceeded spending predictions. In 2019 there were two days of digital sales that reached $2 billion, and in 2020 there were more than 130.

Logsign SOAR

The Logsign Security Orchestration, Automation, and Response (SOAR) provides you to streamline your security operations & improve the maturity of your security stack on a centralized and comprehensive platform. Automate your workflows, orchestrate your tools and people, reduce response times.

What is Application Vulnerability Correlation and Why Does it Matter?

As applications become more complex, and attack vectors grow more sophisticated, the critical importance of comprehensive software security testing emerges. These days, application testing has become synonymous with risk mitigation, as organizations continue to embrace security at all stages of the software development life cycle (SDLC). This effort includes automation, which helps to reduce the labor of testing and ensures applications are secured without impacting velocity.


Press Release: LogSentinel's participation in the project for support and growth of SMEs has ended successfully

28th May 2021 Sofia, Bulgaria – LogSentinel, the innovative provider of cybersecurity solutions, announced that its participation in the project for support and growth of small and medium enterprises (SMEs) through the implementation of voucher schemes by BSMEPA has ended successfully.


Improving Web Security User Experience with HTTP/2

More than half of websites today support HTTP/2 for an improved user experience as web developers continue to move off HTTP 1.1. That’s for several good reasons. HTTP 1.1 can support six concurrent TLS tunnels with one session each to download web objects in popular web browsers, but HTTP/2 uses multiplexing to support thousands of sessions in one TLS tunnel and download web objects much faster.


Code Blue: Healthcare Security in the Age of 5G and Remote Work

Last year was an especially stressful time for healthcare systems. Not only were emergency rooms overwhelmed by patients, a number of them were also hit by system-crippling cyberattacks. According to Comparitech, in 2020 alone, 92 ransomware attacks affected over 600 healthcare organizations, exposing more than 18 million patient records. These attacks brought operations to a standstill for days or weeks at a time, costing the healthcare industry an estimated $20.8 billion.


Top Tips for Technical Due Diligence Process

We all dream of creating the next big thing: getting that investment that will help us over the finish line, landing a partnership with one of the big players, or getting acquired by a global enterprise. But as we race to keep ahead of the market and surprise our customers with bigger and better offerings than they ever imagined, we have to pass that dreaded series of hurdles: technical due diligence.


Ways to setup Squid proxy server and helpful tips

A squid proxy server has two major functions. First, it is an intermediary proxy. Second, it provides cache services for popular network protocols including HTTP and FTP. The use of proxies and cache services makes up a better internet user experience. Proxies provide added layers of security and cache services that make loading processes faster. Obviously, getting both services from a single provider is highly efficient.

The New Threat Landscape for Australian Healthcare

The COVID-19 pandemic has fundamentally shifted the cyber threat landscape for Australia’s health sector, with the Australian Cyber Security Centre (ACSC) reporting a 84% increase in the number of cyber security incident reports relating to the health sector between 2019 and 2020.1 As custodians of vast volumes of highly sensitive information, the industry continues to find itself at the mercy of cyberattacks that paralyze systems until a ransom is paid—threatening the security of patient d


What Are the HIPAA Standard Transactions?

The Department of Health and Human Services (HHS) defines a transaction as an electronic exchange of information between two parties, to carry out financial or administrative activities related to healthcare. For example, a health care provider will send a claim to a health plan to request payment for medical services.


What is Cybersecurity Risk Management?

Every time you log on to the Internet, you put your IT systems and the data you handle at risk. At the same time, it’s also impossible to run a successful business without going online, so a key element of modern business management is a strong cybersecurity risk management program. Why? Because the only people in the cybersecurity field working harder than software engineers are the criminals trying to find a new way to breach the latest network security measures.


Cryptocurrency scam attack on Twitter reminds users to check their app connections

Are you doing enough to prevent scammers from hijacking your social media accounts? Even if you have chosen a strong, unique password for your online presence and enabled two-factor authentication it’s possible that you’ve overlooked another way in which online criminals could commandeer your social media accounts and spam out a message to your followers.


Expanding the Netskope-Microsoft Relationship: Microsoft Intelligent Security Association

Netskope is proud to be a member of the Microsoft Intelligent Security Association! We provide adeep and effective ability to leverage the Microsoft Azure Information Protection (AIP) and Microsoft Information Protection (MIP) feature sets available to E3 and E5 customers who are connecting not only to Microsoft cloud services, but to a wide range of non-Microsoft cloud storage solutions and Internet services.


Snyk debuts on 2021 CNBC Disruptor 50 List at #15

We are honored to share that Snyk has been named to the ninth annual CNBC Disruptor 50 List, coming in at #15! The full list, unveiled earlier this week, identifies 50 private companies “aligned with today’s rapid pace of technological change and poised to emerge from the pandemic as the next generation of business leaders.” The pandemic accelerated digital transformation and associated cybersecurity concerns.


Protecting data when migrating Confluence and Jira from on-prem to cloud

Atlassian made a big splash in cloud SaaS news when they announced that the company would stop selling new on-prem server licenses as of February 1, 2021. Upgrades of existing server licenses will continue to be available through the third quarter of 2022. Impacted services include Jira Software Server, Jira Core Server, Jira Service Desk Service, Confluence Server, Bitbucket Server, Crowd Server, Bamboo Server, Atlassian-built apps, and Atlassian Marketplace server apps.


The Right Steps to SASE: Gain Awareness and Visibility

The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the second in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. The first step in solving any problem is admitting there is one.


Elevating the Customer Experience with Expanded OAuth 2.0 and OpenID Connect (OIDC) Support

Consumers are notoriously impatient when it comes to poor digital experiences. According to the ForgeRock: The New Normal survey, 35% of consumers will cancel or delete your app if they have trouble logging into your service. And 32% will switch to your competitor. Ouch!

Overcoming The Challenges Of Selecting An Insider Threat Detection Tool

In a crowded market with so many new products being released, it can often be hard to make sure you're getting the right tool for your organization's security needs. Purchasing an Insider Threat Detection tool for your organization requires extensive research, which can be very time-consuming.

Tripwire Tips and Tricks: Five Things to Do With MITRE ATT&CK

In this session of the Tripwire Tips and Tricks series, you'll learn how to use the MITRE ATT&CK framework to protect your organization from cyberattacks. Tripwire Security Researcher David Lu will walk you through five key use cases for the framework, helping you deepen your understanding of mapping defensive controls to the framework, threat hunting, incident response, and more.

Egnyte and Microsoft Now Empower Co-Editing for Desktop and Mobile

With today’s distributed workforce, it’s essential to have the right tools to collaborate with co-workers. Now with the Egnyte Microsoft Office integration, users can co-edit on Microsoft documents in real-time from the Office Desktop apps. Users now have a choice to use their preferred device.


SASE as a Service: The role of managed services in the world of network security convergence

The next iteration in the history of technology convergence emerged with Gartner’s Secure Access Service Edge (SASE). Networking and security vendors have been integrating capabilities for decades, and market adoption of these integrations has only accelerated due to innovations such as virtualization and cloud computing. From a networking perspective, routing of traffic extends far beyond IP and MAC addresses to now include application steering and transport-agnostic overlay networks.


Seeker and Red Hat: Security and speed come together

Security and speed in software development are not mutually exclusive. Red Hat, the open source software giant, and the Synopsys Software Integrity Group are joining forces to prove it. Synopsys is bringing Seeker®, its automated interactive application security testing (IAST) tool, to Red Hat application runtimes like JBoss EAP, OpenJDK, and WebSphere with OpenShift Container Platform to secure a variety of software applications.


What Is NIST?

NIST is the abbreviated name of the National Institute of Standards and Technology. It’s one of many federal agencies under the U.S. Department of Commerce, and is one of the oldest physical science laboratories in the United States. As a non-regulatory government agency, NIST was originally founded to enable greater industrial competitiveness in the United States. Its focus stems from the mantra, “One cannot manage what is not measured.


Cloud and Threat Report: Gone Phishing

The total number of phishing attacks doubled in 2020, with phishing for cloud credentials, specifically SaaS and webmail app credentials, accounting for nearly a third of the targets of phishing campaigns. Over the same period, we saw cybercriminals hosting 13% of their baits in cloud apps. This blog post summarizes the top phishing trends from 2020 and looks forward at what to expect for the rest of 2021.


Uncovered: Little-known scalper tactics beyond bots

Scalpers are becoming increasingly sophisticated, not just in their use of advanced bots, but also in less obvious ways to get a hold of their desired goods. Here at Netacea we are dedicated to preventing fraud by monitoring, identifying and stopping malicious bots in their tracks. We are so steadfast in this goal that we have even created a MITRE ATT&CK style framework that defines automated attack kill chains – NetBLADE (Netacea Business Logic Attack Definition).


Snyk uncovers supply chain security vulnerabilities in Visual Studio Code extensions

We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.


Deep dive into Visual Studio Code extension security vulnerabilities

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!


Inherent Risk vs. Residual Risk (Quick Explanation)

Inherent risks include all risks that are present without any security controls. Residual risks are the risks that remain after security controls are implemented. Residual risks are inevitable. Even with an abundance of security controls, vestiges of residual risks will remain that could expose your sensitive data to cyber attacks.This is because the proliferation of digital transformation expands the digital landscape, creating more attack vectors.


Devo Insights on the White House Cybersecurity Executive Order

The recent executive order calling for immediate improvements in the federal government’s cybersecurity is impressive. I give the Biden Administration a lot of credit for publicly admitting there are significant problems and weaknesses in the federal government’s IT and cybersecurity infrastructure and practices. The order also includes some key points that are significant for Devo and our customers.

Ask SME Anything: Which legacy technologies are being made obsolete by SASE?

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

A Fifth of IT Decision-Makers Not Confident in Their OT System Security, Reveals Survey

Attacks against operational technology (OT) and industrial control systems (ICS) grew dramatically in the past few years. Indeed, a 2020 report found that digital attacks against those two kinds of assets increased by over 2000% between 2018 and 2020. Many of those attacks involved vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems and other ICS hardware components or password spraying techniques.

How to tackle healthcare security threats. Top 6 Healthcare Security Best Practices

Good healthcare security practices – A prescription for healthcare Reduce the attack likelihood Reduce the attack impact Tactical Patch Management Protecting Medical Devices Third-Party Risk Management Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

Types of Cryptography Attacks

Cryptography is an essential act of hiding information in transit to ensure that only the receiver can view it. IT experts achieve this by encoding information before sending out and decoding it on the receiver's end. Using an algorithm, IT experts can encrypt information using either symmetric or asymmetric encryption. However, like any other computer system, attackers can launch attacks on cryptosystems.

Cryptocurrency trading bots: Strengthening Cybersecurity and minimizing risks

A staggering $1.9 billion in cryptocurrency was stolen by criminals in 2020, a recent report by Finaria reveals. Fortunately, despite the growth of the crypto market, crypto crime has decreased by 57% since 2019, dropping to $1.9 billion. The widespread recent implementation of stronger security measures also means crypto-criminals stole 160% more in value in 2019 than in 2020, despite the similar number of crimes.


A CISO's guide to sensitive data protection

As companies become more digitized, they must take appropriate steps in their application security processes to ensure data protection. The SolarWinds software supply chain attack, which was delivered to over 18,000 customers via the company’s own software update process, was the result of malicious code deployed in SolarWinds’ Orion network monitoring software.


Cloud Threats Memo: Keeping Distributed Workforces Secure

Thanks to the growing availability of vaccines and immunization campaigns in multiple countries, the world is starting to see a light at the end of the COVID-19 tunnel. We are eager to return to a new normal, being aware that some changes will be permanent, or if not permanent will strongly characterize the next years.


Snyk takes on responsibility for Node.js ecosystem vulnerability disclosure program

As announced last week by our good friends at the Node.js Foundation, Snyk has agreed to take over from the amazing Node.js ecosystem vulnerability disclosure program. As a company that’s been part of this program from a very early stage — and has been inspired by it to create our own multi-ecosystem disclosure program — it is a great honor to have been entrusted with this responsibility, and we thank the Node.js Foundation sincerely for their trust in this matter.


The Colonial Pipeline Ransomware: Why It's Hard To Be Protected

After every major cyberattack, security vendors like LogSentinel are expected to write something on preventing future similar incidents, probably involving their technology. And yes, we do have a ransomware prevention page that outlines the key features of LogSentinel SIEM to fight against ransomware. But it’s much more complex than that. What everyone in the industry knows is that in order to not be affected significantly, you have to have a proper off-site backup.


Privacy Impact Assessment - PIA vs DPIA (GDPR)

Before GDPR, PIA (Privacy Impact Assessment) were a thing. This topic is around privacy impact assessment, its purpose, PIA vs DPIA and includes the underlying context of GDPR compliance. The monotony has been changed since the General Data Protection Regulation (GDPR) came into existence; it has significantly changed the concept of data privacy and security.


Critical Mobile Security Capabilities Everyone Needs

One thing that 2020 taught us is that you can do anything with a mobile device. My smartphone and tablet have become my go-to for shopping, banking, watching TV and video chatting with family and friends. I’m also getting a lot of work done on them. Basically it has become the center of both my personal and professional lives. Here’s the dilemma a lot of organizations are facing: while away from the office, your workers are using their mobile devices to stay productive.


What is Unified Policy as Code, and Why Do You Need It?

Uptime. Reliability. Efficiency. These used to be perks, elements of forward-thinking and premium-level enterprises. Now they’re a baseline expectation. Today, consumers expect information, resources, and services to be available on-demand, updated in real time, and accessible without fuss. Imagine trying to Google something or place an order from Amazon only to be told, “Please try again in 48 hours. Sorry for the inconvenience.”

Upload Binaries to Scan with Veracode Static for Eclipse

In this video, you will learn how to prepare a build of your application using Veracode Static for Eclipse and upload the build to a new or existing application profile in your Veracode portfolio. Veracode Static for Eclipse is a plugin for the Eclipse IDE that enables you to upload binaries to Veracode for static analysis. You can work with the scan results from within Eclipse to review and mitigate security findings in your applications.

Harnessing security expertise to power SAST and Code Security

Join us for a live stream with Benji Kalman, Director of Security RnD at Snyk, to talk about his experience in security research and managing the Security team over at Snyk. We'll talk about his role, what are day-to-day activities like, what are the challenges, and then connect it to the deep security expertise that help augment secure coding via Static Application Security Testing (SAST) tools.

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and minimize mobile security risks.


Data Protection Impact Assessment (DPIA) GDPR - meaning, methodology and more!

A DPIA is a Data Protection Impact Assessment. It’s an assessment of the likely impact on data subjects (individual) and their rights, both regarding privacy and freedom to conduct business. The goal: To identify what measures might be needed for compliance with GDPR or equivalent legislation elsewhere in the world before beginning a new process involving personal data that will make it clear how that individual’s right is affected by this project.


What Makes a Security Analyst Successful? Investigative Thinking

The new SANS 2021 Report: Top Skills Analysts Need to Master analyzes the need for organizations to invest in improving their security operations and identifies the skills analysts must master to support this initiative. Characterizing an analyst as essentially an investigator, the SANS report breaks the investigative process down into two primary areas: Investigative Tasks and Investigative Thinking.


New SMS Phishing Campaigns Target Retail Customers

SMS-based phishing attacks are nothing new. They’ve been around in one form or another since the technology became mainstream in the mid-90s, and more so since the introduction of smartphones a decade and a half ago. However, in their latest incarnation, AKA Smishing, such attacks are progressively executed on a scale never seen before. In the last couple of months, Cyberint has seen an increase of SMS phishing attacks targeting the customers of retail companies.


AWS IAM security explained

AWS Policies are a key foundation in good cloud security, but they are often overlooked. In this blog, we take a quick look on some AWS Policies, particularly for Identity and Access Management (IAM), that could become problematic if not properly managed. We'll discuss how they can be used against us to generate attacks like: Ransomware, data exfiltration, credential abuse, and more. Finally, we'll suggest some Open Source tools for cloud policy assessment and pentesting.


Picking the Right Comprehensive Threat Detection Solution

A slew of recent changes, particularly the massive shift to remote work following the pandemic, has rapidly redefined the cybersecurity threatscape. In the new cyber normal, organizations face the security dilemma of keeping existing tools versus adopting solutions to protect them against today's threats.


DigitalOcean vs Linode

Chances are, if you’re shopping for a virtual private server, you already understand why they’re useful for web developers, app designers and everyone in between. You also probably know that the surge in popularity of hourly pricing means you can try most of the big players in this space for yourself for the cost of one Bazooka Joe comic (not even the gum, just the comic).


How to protect your Wi-Fi devices from new FragAttacks vulnerabilities

Fragmentation and aggregation attacks (FragAttacks) are WLAN vulnerabilities discovered by Mathy Vanhoef, who created this webpage to provide more information about them. Three of these vulnerabilities are 802.11 specification design flaws, and they are probably as old as the 802.11 specification itself. Aggregation was added in 802.11n, which means this vulnerability has been in the design for over 10 years. Nine of these vulnerabilities are implementation flaws.


Introducing Snyk Preview: Early access to Snyk features

In 2020, over 30 new major features were released across the Snyk platform — in Snyk Open Source, Snyk Container, Snyk Infrastructure as Code, and Snyk Code. While both our development and product teams deserve credit for Snyk’s rapid pace of development, our users also play an important role by continuously providing us with their feedback and insight. Our ultimate goal is to help development and security teams be successful in mitigating risk.


Continuous dependency updates: Improving processes by front-loading pain

This is a story of bringing the pain forward, begging forgiveness, and continuous improvement. In the early days of Manifold — long before we joined Snyk — we were building an independent marketplace for developer services (like databases or transactional email senders). The structure of our code was typical: we had a React frontend app, and a collection of Go microservices talking to a database. A typical structure meant we had typical problems, too.


Veracode and Finite State Partner to Address Connected Device Security

Over the past decade, we have seen the rapid adoption and expansion of connected devices and embedded systems among businesses. This includes anything from the Internet of Things (IoT) to connected medical devices, building systems, Industrial Control Systems (ICS), and other devices that power our lives and our infrastructure.

The biggest cyber risks for healthcare providers and how to tackle these security threats.

Security threats in healthcare relate to the safety of the clinical and administrative information systems of hospitals and healthcare service providers. Increasing cyber attacks on healthcare organisations in the last few years have been faster than the improvements in healthcare security practices. In this article, we discuss the cyber security threats and vulnerabilities of hospitals and healthcare providers, followed by best security practices aimed at improving security posture.

Superior Integrity Monitoring: Getting Beyond Checkbox FIM

If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can write an app or a script to gather the checksum of a file, compare it to a list or baseline, and tell you whether or not said file has changed.


"Network Security" the Biggest Concern for Public Cloud Adoption, Reveals Survey

Cloud misconfigurations represent something that’s plaguing many organizations’ cloud adoption efforts. For example, a 2020 report found that 91% of cloud deployments contained at least one misconfiguration that left organizations exposed to potential digital threats. Those weaknesses contributed to more than 200 data breaches between 2018 and 2020, noted SC Magazine, with those security incidents exposing more than 30 billion records.


Impact of GDPR on Cloud Service Providers

Cloud computing is an integral part of most businesses globally. Technology has transformed the way businesses operate and thrive in the industry. However, the cloud industry has been facing huge challenges when it comes to complying with various data protection and data privacy standards. With the enforcement of the General Data Protection Regulation (GDPR), a lot has changed for most businesses.

outpost 24

What's new and changed in CIS CSC version 8 - IG1

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.


Cloud Threats Memo: How Contact Tracing and Personal Cloud Apps Led to a Huge PII Exposure

COVID-19 contact tracing and personal cloud apps, what could possibly go wrong? A recent federal lawsuit, filed against the state of Pennsylvania and a vendor contracted by the state’s Department of Health, provides an interesting answer. The vendor in question was contracted “to provide contact tracing and other similar services” following the outbreak of COVID-19 in March 2020.


Weekly Cyber Security News 21/05/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. This first article makes a really good point of pointing out how ludicrous the apathy to tighten exposed service is. The cloud providers have done a lot to make it obvious vulnerable services are exposed, but no, people still can’t or ignore such advice. Is it lack of capability? Ignorance? Cost cutting? Maybe all of them.


How to design Data Safety into your cloud

What is Data Safety, why is it important, and how do you go about designing into the foundations of your data environment? When you see the phrase "Data Safety", the chances are you think of Data Security. Most people do. What is far less likely is that you think of the other two pillars of Data Safety: Data Privacy and Data Governance. Clearly, all three pillars overlap.


Four examples of data privacy programmes delivering more than privacy adherence

Reduced costs, new revenue streams, greater customer trust and new markets The best data privacy programmes are granular. They assess the root of every data source, the nuances of every data use and the specifics of every way in which data is stored and shared. From that finite visibility, liabilities can be identified and appropriate remedies put in place that carefully balance the demands of the data subjects with the needs of the business.


Reporting a GDPR data breach

In order to understand how to report a data breach, we first have to know what a data breach actually is. Under the GDPR, a personal data breach is “the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.” This covers a wide range of scenarios, some of which might be surprising. The following would all be considered as data breaches under the GDPR.


Live From RSAC: Anne Neuberger Addresses President Biden's Executive Order on Cybersecurity

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, addressed President Biden’s executive order at the virtual RSA Conference this week. The executive order, announced on May 12, 2021, aims to safeguard U.S. cybersecurity and modernize cybersecurity defenses. As Neuberger explains, this executive order couldn’t come at a more critical time.


What is Residual Risk? Why it Matters So Much in 2021

Residual risk is the threat or vulnerability that remains after all risk treatment and remediation efforts have been implemented. Even with an astute vulnerability sanitation program, there will always be vestiges of risks that remain, these are residual risks. Because they will always be present, the process of managing residual risk involves setting an acceptable threshold and then implementing programs and solutions to mitigate all risks below that threshold.

xona systems

The Colonial Pipeline Incident Fallout and Building Zero-Trust

Back in March, a hacking group known as DarkSide began a campaign on Colonial Pipeline’s IT network and billing systems. On May 7th, Colonial publicly announces the attack, shuts down servers and some pipelines and pays DarkSide $4.4M in ransom. On May 12th, Colonial restores operations and announces fuel delivery timelines amidst panic buying at gas stations.


Live From RSAC: Disinformation: As Dangerous as Cyber and Physical Threats

In today’s digital world, we practically live on our phones or computers. Chances are, you don’t go more than 15 minutes without checking your email or social media. And you probably get most of your news from the Internet. But how do you know what information is real? Two different news sites might be giving a different opinion of the same story. Take the presidential election, for example. There was a frenzy of fake news trying to sway voters in one direction or the other.


Baseline Security (Posture) Monitoring is the New Breach Monitoring

As part of the 2021 MSP 500 project, CRN asked MSPs to describe their most significant challenges for 2021. Their answers ranged from 'finding and hiring highly trained new employees' to 'fulfilling clients' sophisticated IT security needs whilst sustaining business in the saturated MSP market.' In 2021 the cybersecurity threats have taken different shades and have compelled the MSPs to refine and increase their security offering to stay relevant and thriving in the market.

Cyber Insurance: Insuring the Intangible

Whichever way you look at it, the talk around cyber has been gathering steam. Plenty of commentators on the insurance market have predicted that 2021 will be the year that cyber insurance comes into its own. Cyber risks are constantly shifting and personal and commercial insurance is fast becoming a must-have. However, it’s hard to draw the line between the two as remote working becomes more common so insurers are finding it difficult to write cyber in a general sense. Demand won’t drop off though. Nor will the threats.

Confessions of an Information Security Engineer

Here’s the story of an information security engineer whose organization urgently needed new security log management stack that would enable him and his peers to not only survive but really thrive. In this Log’s Honest Truth podcast, presented in partnership with ITSP Magazine, Julian Waits, GM of the Devo cyber business unit & public sector, discusses the confessions of “Mr. B,” an information security engineer. Mr.


Avaddon Ransomware Attack Hits AXA Philippines, Malaysia, Thailand and Hong Kong

The AXA Group has been targeted by Ransomware and the threat actors have publicly announced this incident. AXA Group’s IT Operations were affected regionally in the Philippines, Thailand, Malaysia and Hong Kong. The hostaged data, amounting to approximately 3 terabytes, consisted of customers’ personally identifiable information, health records, medical claims, patients’ personal health conditions, photos of IDs and passports, bank documents, and hospital invoices.


Does Your Threat Intelligence Solution Have These Essential Features?

Threat intelligence solutions provide security teams with critical context on cybersecurity vulnerabilities and the threat actors seeking to exploit them. This helps organizations to respond proactively and efficiently to threats. Yet while all threat intelligence tools offer the core feature of basic information about cybersecurity threats, they vary significantly in the ways they make available that data.


Biden's Cybersecurity Executive Order Focuses on Supply Chain Attacks

“The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The Federal Government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors.”


What is a trusted advisor? ...and why do I need one?

Organizations today, even those not related to "tech", all have a need for cybersecurity. Regardless of your industry vertical, if you have email, a website, a phone system, or even just have people using computers, cybersecurity is needed at some level or another to protect your ability to do business.

outpost 24

What is API Security and how to protect them

APIs are a key part of modern web application development transforming how organizations build, manage, and scale their web and mobile services. In this blog we discuss why APIs are the new web application security, highlighting the growing challenges of API security risks and sharing best practices for preventing API attacks.


6 Key MSSP Obstacles That Can Be Solved With Automated and Integrated Security Operations

The pandemic spared no one and created disruption for everyone. But adversity can bring opportunity, and many of the businesses that prospered because of COVID-19 were the ones able to offer customers something that the crisis took away from them. (Raise your hand if you or someone you know purchased – or at least thought seriously about buying – a Peloton.)


How to cyber security: Leverage AST solution data to make risk-based decisions

AST solutions provide insights to help organizations make more-informed decisions about their security investments. By now, everybody is familiar with the fundamental value of using application security testing (AST) solutions. You do security testing as part of a secure software development life cycle, you find security bugs, you fix them, and the software you release has a lower risk of being compromised, interrupted, or otherwise abused by attackers.


What are the PCI DSS Password Requirements?

The PCI DSS compliance password requirements are mandated by Requirement 8 of the Payment Card Industry Data Security Standard (PCI DSS). Password compliance plays a key role in the PCI standards because it dictates the password complexity necessary to help an organization better defend its systems against unauthorized access.


The Right Steps to SASE: Understand Where You're Going

When undertaking a new project, the need to deliver quantifiable results today (or at least very quickly!) is a significant challenge facing a CIO, CISO, or anyone with high-level responsibility for enterprise networking and security. Unlike typical IT projects where long development cycles may be tolerated, security must demonstrate value right away and deliver quick wins. Vulnerability is scary.


Streamlining Security Incident Management & Responses

In order to get a grasp on how to ease security incident management and response processes, there are terms to be clarified first. First of all, a security incident is the common name of an attack towards an organization’s cybersecurity system, network, or data in general. In addition, TechSlang also includes successful attacks within the term “incident”. Therefore, whether impactful or not, all types of attacks, violations, or exploitations can be described as security incidents.

Hardened Access - Dual Authorization for Roles & Per-session MFA with Yubikeys

This webinar is a deep dive into how companies can harden access to Teleport with two new features in Teleport 6.1 These include creating dual & multi Authorization rules, requiring multiple team members to approve role escalation. This is an important FedRAMP control ( AC-3 ) and increasing the visibility and audibility for access. We’ll show how you can enforce per session MFA with the aid of hardware tokens; reducing the scope and risk related to certificate exfiltration.

Live From RSAC: Is Digital Transformation Making AppSec Headless?

Chris Wysopal, Veracode Co-Founder and CTO, recently sat down with Tom Field, ISMG Senior Vice President of Editorial, for an executive interview at the RSA Conference 2021 to discuss if digital transformations are making application security (AppSec) “headless.”


Live From RSAC: AppSec's Future and the Rise of the Chief Product Security Officer

Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec’s future and the need for a new Chief Product Security Officer (CPSO) role. Wysopal started by quoting entrepreneur Marc Andreessen saying, “Software is eating the world,” to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators … software is everywhere.


Top 5 Cybersecurity Threats and Vulnerabilities in 2021

As the pandemic starts to fade, it can be easy to fall into a false sense of security. While there’s finally an end to COVID-19 insight, the cybersecurity pandemic rages on. 2020 was a record year for cybercrime, and the same threats will plague 2021. Amid the disruptions of 2020, many businesses embraced remote work, cloud services, and IoT technologies. These changes, in turn, led to a shifting cybersecurity landscape as cybercriminals adapted and new threats emerged.

What does a penetration testing report look like? Why are reports so important?

The importance of pen test reports can't be undermined on the customer side. Moreso because makes the base for risk remediation activity that is a much bigger job than a pen test. Therefore, it is very important that pen test reports reflect the output of testing addressing different audiences (business and technical). What should a penetration test tell you? What is a pentest report? What to expect from a Penetration test report?

Testing for PHP Composer security vulnerabilities with Snyk

PHP is used extensively to power websites. From blogging to ecommerce, it’s embedded in our everyday lives and powers much of the internet we use today. According to a Wappalyzer report on top programming languages of 2020, PHP has a 79% market share of backend languages used on the internet today. One of the biggest challenges with PHP libraries over the years has been package management. There have been a few ways to easily install and maintain libraries including PECL, CPAN.

Data Security & Governance for the Way You Work Today

The old cybersecurity stack is being pushed to the brink and no longer meets the needs of modern distributed workforces. It’s time for data security to adapt to the way we work today by putting data at the center of the security strategy. Learn how Egnyte is reimagining data governance and cloud security by delivering centralized visibility and control over your most sensitive content, wherever it’s accessed.

Why Google's new privacy labels are important

When Apple released their privacy nutrition labels, it was seen as a key turning point in platform-level privacy. Even so, while Apple holds control of mobile device profits and industry mind share, they do not account for the majority of mobile devices globally—especially in developing countries. The iPhone is expensive, and therefor any of its privacy protections become a benefit only to those that can afford their devices.


Safeguard Digital Journeys with Robust ID Verification

Even as COVD-19 slammed the brakes on in-person interactions across the globe, it simultaneously accelerated the virtualization of working models. Everything that was online was accessible; anything that was not, lagged behind. In response, companies have raced to support and retain their customers by providing digital capabilities and online experience at a speed that was previously unimaginable. As the digital economy amplifies on a global level, seamless online transactions are penetrating communities all over the world. But with this, there is a growing threat of probable frauds too.

DevSecOps' Security Ownership Problem

Who’s responsible for security? Milton Friedman once said “When everybody owns something, nobody owns it, and nobody has a direct interest in maintaining or improving its condition.” While that quote was about physical buildings 40 years ago, it’s still relevant to how we build software today. The technology required to shift security left exists but the organizational shifts are lagging behind.


Raccoon Stealer

First observed in 2019 and advertised (Figure 1) as a 'Malware-as-a-Service' (MaaS) threat on various cybercriminal forums, Raccoon is an information stealer targeting victim credentials and cryptocurrency wallets. Seemingly favored by some threat actors due to its simplicity, the malware element of Raccoon omits advanced features, such as those used to evade detection, and instead focuses on the 'stealer' task in hand.


Problematic JavaScript Vulnerabilities And Their Fixes Every Developer Should Know

A web developer’s ultimate goal is to not only develop a website or an app that is aesthetically and functionally stunning but highly secure as well. Cybersecurity is inevitable and no end-user would want to have an app that could breach or compromise their data security and integrity (no matter how useful the app is). With hackers and middlemen working on creative ways to explore vulnerabilities, it is on developers like us to take charge and be a step ahead of them.


Stalkerware: What is being done to protect victims as the number of cases rises

People are increasingly becoming aware of the threats posed by hackers who infiltrate devices using viruses, spyware and malware. However, it may be time to shine the spotlight on “stalkerware”, a completely different type of cyber security threat that nevertheless has lasting negative repercussions. In this article, we will talk about this malicious software, which allows a remote user to surveil all activities on another user’s device.


A Real-World Look at AWS Best Practices: IAM Policies

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.


Loyalty program abuse: How malicious bots target hotels

Hotels across the globe have been subject to massive data breaches and widespread loyalty fraud over recent years. Competitive bookings have become a prime target for cybercriminals who take advantage of look-to-book ratios and the vast amounts of data held by hotel chains to execute loyalty program abuse. But as severe travel restrictions came into play and bookings ground to a halt, hotels became almost redundant for 12 months of the pandemic.


Overview: Custom Questionnaire Builder by UpGuard

Digital transformation is creating unpredictable mutations across the attack surface. As a result, some third-party risks have outgrown the discovery mechanisms offered by the hundreds of standard security frameworks currently available. To cater to these growing use cases, UpGuard has introduced custom questionnaires to its industry-leading third-party risk management platform. Custom questionnaires are vendor security questionnaires that you can design yourself.

Product Spotlight & Roadmap | UpGuard Summit May 2021

Hear from Chief Product Officer, Dan Bradbury, about UpGuard's latest features from this quarter, as well as the exciting releases coming soon. UpGuard is a complete third-party risk and attack surface management platform, managing cyber risk across attack surfaces and third-party vendors by proactively identifying security exposures.

The Netskope Online Community

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

IT Network Attacks Can Impact Your OT Networks, Too

On May 8th, I was at a gas station filling up my car before a trip I was taking when the news about a cyberattack against a large pipeline company broke. The attack led them to halt all operations. Ultimately, the incident stemmed from a ransomware infection in which a well-known threat actor took volumes of corporate data in just two hours and made their demands including the threat to block and encrypt the company’s network. They even threatened to release the data to the internet.


GDPR - Individual Rights

As more businesses collect and share customer personal data for their digital economy, it has significantly influenced data privacy in today’s digital age. Data is the most critical asset to both businesses and customers/users. Businesses must ensure the confidentiality and integrity of users’ data and impose strict control over personal data collection and processing.

Trend Micro & Snyk - Better together

This Trend Micro and Snyk talk gives an overview of what is open source is, including the growth, power and potential risk involved in using it to build and deploy cloud native applications. With visibility into open source vulnerabilities and license issues the first time sec ops professionals have visibility into potential vulnerabilities in open source components through . Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Adoption and acceptance of Digital Identity

While the world is still more familiar with physical IDs (which may then be linked to online government records), it continues to be inadequate today, as they can be easily manipulated or purchased illegally. IDENTITY –still on a piece of paper? This needs another thought, in a world where hard copies are going obsolete. Hence, governments of different countries have taken up new projects to build a 100% secure and digitized identity by levelling up their existing systems.


What is data loss prevention?

DLP security strategies, benefits explained The threat landscape is a constantly evolving challenge for enterprise security professionals – the number of cyberattacks is continuing to rise, data exfiltration is now included in 70% of ransomware attacks, and insiders are responsible for 30% of all data breaches. As a result, enterprises are constantly looking for ways to reduce the risk of sensitive data being leaked outside the company.


Introducing Rapid Integration Connector: A New Solution for AppSec Tools

Anyone working to stand up or build out a robust AppSec program understands the ongoing need for security scanning tool integrations. Practitioners rely on a “garden shed” of AppSec tools, including open source and leading commercial ones, to support their security efforts.


Detectify Research Team releases Ugly Duckling, a web scanner for hackers

STOCKHOLM, SWEDEN – the Detectify Security Research team announced the general availability of Ugly Duckling, a stand-alone application security tool specifically tailored for ethical hackers to make it easier for them to share their latest findings. This new open-source scanner was developed with the Detectify Crowdsource community hackers in mind, and it is available for any security enthusiasts to tinker with as well.


7 Best Practices to Prevent Intellectual Property Theft

Original ideas, developments, and trade secrets help businesses increase their value and stand out among competitors. But as market competition grows, the risks of intellectual property (IP) theft and leaks also grow. Establishing basic security policies and procedures to protect sensitive data is crucial if you want to continue to benefit from your intellectual property.


How to remove friction in DevOps with Intelligent Orchestration partner integrations

Synopsys’s world-class application security products, services, and the recently released Intelligent Orchestration can help you build secure, high-quality, resilient software faster. But no single vendor can provide solutions for all the challenges a company faces today. Firms need partners to solve the myriad business challenges they face. Synopsys Technology Alliance Partner program partners with the technology industry’s leading organizations to create joint customer value.


Reciprocity and ZenGRC Win Four Cyber Defense Magazine InfoSec Awards

SAN FRANCISCO – May 18, 2021 – Reciprocity, a leader in information security risk and compliance with its ZenGRC platform, today announced ZenGRC has been awarded four coveted Cyber Defense Magazine (CDM) InfoSec Awards: Most Innovative in IT Vendor Risk Management, Cutting Edge in Risk Management, Most Innovative in Third Party Risk Management, and Publisher’s Choice in Compliance.


Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings

Responding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high profile data breaches, including Verizon, The Pentagon, Uber and FedEx.


A Closer Look at the Software Supply Chain Requirements in the Cybersecurity Executive Order

Software security is a big focus of the Biden administration’s recent executive order on cybersecurity. In fact, an entire section, or 25 percent, of the order is dedicated to software security requirements. In the wake of the SolarWinds cyberattack, the security of the software supply chain is clearly top of mind at the White House, and has prompted these unprecedented and detailed security requirements for any software vendor looking to do business with the federal government.


Google's Office of the CISO Points the Way Towards Scaling Security

Amazon’s, Google’s and Microsoft’s experiences with building massive infrastructures for the world allows for some fascinating insights into the future of IT security at scale. As a result, when Google published The CISO’s Guide to Cloud Security Transformation earlier this year, I was curious about what priorities they saw in cloud security. It’s a short read, and it’s well worth the time invested in downloading a copy.


Styra raises Series B to Drive Cloud-native AuthZ

In November 2019, just after Styra raised $14 million in our Series A funding round, I wrote that the market’s move away from monolithic apps and adoption of containerized cloud-native application architectures was going to provide “a substantial market opportunity for policy and authorization to evolve.” A lot has happened since I wrote that, and I’m happy to report that while our Series A round showed the market opportunity, our latest round of funding proves the validity of t


Exploring intent-based Android security vulnerabilities on Google Play

Our phones know a lot about us, so it’s important we can trust them. After discovering and then publishing our findings on SourMint — the malicious iOS ad SDK — the Snyk Security Team decided to dig deeper in the Android ecosystem. To do so, we leveraged Snyk Code to analyze and search for vulnerabilities in applications uploaded to the Google Play store.


3 Steps Construction and Engineering Companies Should Take to Prevent Ransomware (and one to help you recover from an attack)

In our recent infographic we reported that almost 1 in 6 construction companies reported a ransomware attack in the past year so, yes, ransomware is a serious problem for construction companies. The question then becomes: why are construction and engineering companies being targeted with such frequency? For two reasons; first is a distributed workforce.


Facebook loses its fight to transfer EU data to the US.

The Irish High Court, Ireland's data privacy watchdog, has won a legal fight over Facebook's data flows between the EU and the US. When the EU-US Privacy Shield was ruled insufficient in protecting the privacy of EU data subjects last year, many companies were left in an uncomfortable state of limbo waiting. Any organization moving data about EU residents from the EU to the US has been in the dark on whether they were still in compliance.


Threat Intelligence, Integration and Automation in a Modern SOC

As organizations continue to evolve their security operations maturity and the SOC increasingly focuses on detection and response, three capabilities are foundational for success – threat intelligence, integration and automation. In a recent webinar, “Evolution of CTI – Use Case in a Modern SOC,” ThreatQuotient’s Yann Le Borgne, together with Ben van Ditmars of Atos and Martin Ohl from McAfee tackle this topic.

How to Stop Insider Data Theft And Protect Privileged Access Management (PAM) Using SIEM?

In this video, we will demonstrate how LogSentinel SIEM is the perfect solution for monitoring and identifying when a privileged user attempts to modify data which would impact the trustworthiness of the information. LogSentinel's #SIEM software will alert you in real-time for any changes made by privileged users.

3 actions to take based on the Colonial Pipeline ransomware attack

Ransomware has been a thorn in the side of cybersecurity teams for the past several years. As other security threats have come and gone, this insidious threat has been a constant challenge for every organization. This past year has proven to be especially profitable for ransomware operators, as major organizations like United Health Services, Orange and Acer have fallen victim to these attacks.


Teaching kids internet safety tips for Zoom parties

The internet has changed over the years. Kids today are less interested in random chat rooms, and more inclined to connect with their friends via social media. Most recently, Zoom parties have become the norm for kids, especially due to the COVID-19 pandemic. On paper, Zoom parties can be great ways for kids to stay connected. They can chat with their friends, and even meet people from different parts of the country – or the world!


Detectify Security Updates May 17

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users.


What's new in the 2021 'Open Source Security and Risk Analysis' report

As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report. Open source libraries are the foundation for every application in every industry. But paralleling the popularity of open source is a growth in risk—specifically around open source licensing, security, code quality, and especially open source sustainability.


SOAR Tools: What To Look For When Investing In Security Automation Tech

Organizations may use security orchestration, automation and response (SOAR) to streamline security operations in three main areas: threat and vulnerability detection, incident response, and security-operations automation. Teams may use automation to increase efficiencies and maintain control of IT security functions from a single platform. SOAR solutions also allow for process execution, performance gap analysis, and machine learning to aid analysts in intelligently accelerating operations.


Malware Blindness in the Enterprise: How to Counter It?

These days several enterprises encounter suspicious links and websites that are ready to steal their data. This isn't very surprising as cyber crimes have increased tremendously in the last few years. Last year, Zscaler’s platform detected and blocked 2.7 million encrypted phishing attacks per month. It also found that 32 percent of newly-registered, potentially malicious domains were using SSL certificates.


Ghosts in the Machine - OT and IT Convergence

There is a saying in cybersecurity that “Data is the new oil.” If that is true, then that oil is powering not only the economy but also industry. The term ‘Industry 4.0’ refers to the fourth industrial revolution where traditional manufacturing and industrial processes are increasingly using IT and data to the point that we’re now seeing the emergence of ‘smart factories.’


Cybersecurity Training: Raising Awareness And Securing Your Business

Organizations are increasingly faced with threats from sophisticated criminal organizations and nation-state actors. To mitigate the risks posed by cyber criminals, organizations must secure and protect their proprietary and sensitive information. They must also commit to training their employees to do their part to protect proprietary and sensitive information.


What the White House's Cybersecurity Executive Order Gets Right-And What We'd Like To See More Of

Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk.


Misconfigurations, known unpatched vulnerabilities, and Cloud Native Application Security

Two weeks back, we published our annual State of Cloud Native Application Security report. If you haven’t seen it yet, here’s a TL;DR. We surveyed nearly 600 developers and security professionals to see how the shift to cloud native (digital transformation) has changed their security posture. Then we parsed the results, gleaned valuable insights, and put them in an interactive webpage.


Mind the GAAP: A Lens for Understanding the Importance of the CIS Controls

Given that attacks are only increasing and there needs to be greater efficacy in how companies protect themselves, let us reference how the financial industry has created and relies on a body of standards to address issues in financial accounting as a defined comparison for Information Security. To support this argument, there is a defined contrast between information security and Generally Accepted Accounting Principles. We’ll explore this relationship in more detail below.


A guide to insider threats in cyber security

With so many different cyber threats targeting businesses like yours, it isn’t always easy to know which to prioritise. The mistake that many organisations make is to focus purely on threats originating from outside. However, with the number and severity of breaches caused by insider attacks continuing to rise, this can often be a very costly oversight.


Defending the client-side attack surface

It is strange to think that not that long ago the Internet was a very different place. A place filled with static text content, marked up in HTML, and served up alongside a few included image files; mostly consumed by a small population of persons with specific interests. Today’s Internet consumer demands a vibrant and responsive user experience customized to their individual interests. A localized cornucopia of options from around the globe, available on demand.


What is FedRAMP?

The Federal Risk and Authorization Management Program, or FedRAMP, is a federal government program to provide a standardized approach for security assessment, authorization, and continuous monitoring for cloud services and cloud products offered by cloud service providers (CSPs). FedRAMP creates a single risk-based standard so government agencies can engage with cloud-based providers more easily.


The impact of bad bots on digital publishing platforms

Online digital publishing platforms have thrived in the new media age. The ability to publish an article detailing news from around the world, within minutes of it happening, has allowed publishers to give their customers exciting and up-to-date content 24 hours a day, 7 days a week. However, like many other online platforms, publishers are often the victim of cyber-threats. Specifically, malicious bots programmed to perform a variety of attacks such as scraping, content theft and ad fraud.


What is Threat Modelling? 10 Threat Identity Methods Explained

Threat modelling is a process for identifying potential threats to an organization's network security and all the vulnerabilities that could be exploited by those threats. Most security protocols are reactive - threats are isolated and patched after they've been injected into a system. Threat modelling, on the other hand, is a proactive approach to cybersecurity, whereby potential threats are identified and anticipated.

Outpost24 Webinar - Is zero trust redefining network security assessment

As zero trust moves higher up on the CISOs security agenda we’re hosting a webinar to discuss the pros and cons of adopting this new approach and how it can impact your team’s ability to remain agile, whilst protecting your business. As a recent study demonstrates, 34% of security breaches involved insiders in 2019 meaning CISOs are becoming more likely to consider zero trust and it should come as no surprise that many organizations are now eager to adopt a zero-trust security policy.

Why SMEs should Care About Cyber Security

It was a turbulent time for business across the globe in 2020 and, whilst the situation is improving in 2021, there are still obstacles to overcome. Not least of all is the ever-present issue of cyber security: an average of 57% of SMEs admit to a breach in 2020, and 86% of organisations expect attacks to increase going forward. As business focus on recovering revenue streams and driving growth, investing in cyber security is often overlooked.


What is AppSec? The Challenges and Rewards

The definition of application security (AppSec) is found in the name itself. It consists of the process and tools used for securing the application software that computers, end-users, consumers and organizations rely on to operate various programs. Think media players, word processors and more complex B2B applications like those delivered by SaaS-based technology companies. And security includes the measures taken to protect this software, often with the use of different security scanning tools.


New Executive Order Seeks to Strengthen Security of Federal Government Networks

The Biden Administration published a new executive order (EO) to strengthen the digital security of U.S. federal government networks. Published on May 12 by The White House, the executive order covered much of what many media outlets reported would appear in the draft. This included the issue of supply chain security. For example, the EO stated that the U.S. federal government will begin requiring developers to make security data about their tools publicly available. It also said that the U.S.


Meeting the Security Needs of Modern Developers

Technological innovation doesn’t slow down when it comes to software, but neither do cyberattacks. The rapid pace of modern programming brings the need for agility and security that can scale and improve to meet business needs. Organizations that want to keep up with innovation while staying secure need more than just capable tools in their tech stacks; having the right people in the right seats to champion your security efforts throughout the development process is also key.


2021 Verizon Data Breach Investigations Report Proves That Cybercrime Continued to Thrive During the Pandemic

Verizon recently published its 2021 Data Breach Investigations Report (DBIR). This year, Verizon analyzed 79,635 incidents, of which 29,207 met their quality standards and 5,258 were confirmed data breaches, from 88 countries around the world. Despite the global pandemic, the DBIR uncovered that cybercrime continued to thrive. Like previous years, the majority of breaches were financially motivated, and most were caused by external actors illegally accessing data.


What are the security risks of the cloud computing?

The technological change of the 21st century has seen rapid growth in the innovation and fastest adoption of cloud computing. It is now considered the most ingenious solution that removes the idea of having a data centre by helping businesses meet their needs virtually in the most cost-effective, efficient, and productive way.

Sponsored Post

Top Events You Should Always Audit & Monitor

Anybody who’s looked for answers on the Internet has likely stumbled across a “TOP X LISTS”: The “10 things famous people do every day”, “Top 10 stocks to by”, the “20 books you have to read” are just some examples of the myriad of lists that are out there offering answers. You may have even stumbled upon a few “Top 10 (or 12) Events To Monitor” articles too.


Colonial Pipeline Incident

In yet another high-impact and high-profile ransomware incident, the 'big game hunter' ransomware group 'DarkSide' accepted responsibility for an attack against the US-based Colonial Pipeline Company, an organization providing fuel pipeline services across multiple states (Figure 1) that transport a reported 100 million US gallons of fuel daily including direct service to airports.


Sitdown with a SOC Star: 11 Questions With Siobhan Kelleher of Boston College

From salesperson to security analyst, Siobhan Kelleher, who works at Boston College, a private university in Chestnut Hill, Mass., is emblematic of the many people who have traversed non-traditional career paths to arrive in the cybersecurity profession. She is also validation of how much promise awaits the industry when its skills gap becomes narrowed with creative and passionate practitioners. Please enjoy Kelleher’s story of growth, development and confidence building.


Cybersecurity Executive Order requires new software security standards

President Biden’s Cybersecurity Executive Order requires new software security standards and best practices. Learn what you can do to prepare now. By: Tim Mackey, Principal Security Strategist, Synopsys Cybersecurity Research Center (CyRC) and Adam Isles, Principal, The Chertoff Group On Wednesday, May 12, President Biden signed an extensive Executive Order (E.O.) on Improving the Nation’s Cybersecurity. The E.O.


Ofwat reveals it has received 20,000 spam and phishing emails so far this year

Ofwat, the water services regulator for England and Wales, has revealed that it has received over 20,000 spam and phishing emails so far this year. The Water Services Regulation Authority (better known as Ofwat) which is the government department responsible for regulating the privatised water and sewage industry in England and Wales, said it had received 21,486 malicious emails so far this year – with 5,149 classified as phishing attacks.


Gig Workers are the Most Dangerous Insider Threat We Aren't Talking About

The term “gig economy” refers to the increasingly common use of skilled freelance or otherwise independent workers on a short-term basis—often one project at a time. The availability of these sorts of gig workers has brought massive change to global work culture over the last few years.

Outpost24 webinar - Full Stack Vulnerability Management with 360 Trust Services

Join Outpost24 and 360 Trust Services experts to learn how you can tackle the growing cybersecurity threats, and secure your high availability operations and satisfied customers. Save your spot for a comprehensive webinar, as we will be presenting the latest security products and services offerings, based on 20 years’ experience and accumulated expertise in cybersecurity, from vulnerability management, risk prioritization to driving a remediation culture.

New Cybersecurity Executive Order: What You Need to Know

Last night, the Biden administration released an executive order on cybersecurity that includes new security requirements for software vendors selling software to the U.S. government. These requirements include security testing in the development process and a bill of materials for the open source libraries in use, so known vulnerabilities are disclosed and able to be tracked in the future. Without following these standards, companies will not be able to sell software to the federal government.


Reducing Enterprise AppSec Risks: Ponemon Report Key Takeaways

Ponemon Institute’s Reducing Enterprise Application Security Risks: More Work Needs to Be Done looks at the reasons why many enterprises consider the application layer to be the highest security risk. Ponemon Institute, in partnership with WhiteSource, surveyed 634 IT and IT security practitioners about their enterprises’ approach to securing applications.


What is DevSecOps? Everything You Need to Know on the What, Why & When

The most basic definition of DevSecOps is found in the abbreviation itself. As a combination of development, security and operations, the term DevSecOps is about ensuring these three functions are fully and continually integrated through the software development life cycle (SDLC). It enables the development of secure applications by automating security at every phase of the SDLC—from the initial design phase through integration, testing, deployment and delivery.


Security Operations, the Devo Next-Gen SIEM, Is Now Chock Full of Content 

Devo has some big news for our customers, partners and prospects. We are pleased to announce the latest release of Devo Security Operations, which enables you to achieve full visibility without compromise, leverage real-time detections and enriched investigations, and maximize analyst productivity.


What is Open Policy Agent?

Open Policy Agent, or OPA, is an open source, general purpose policy engine. OPA decouples policy decisions from other responsibilities of an application, like those commonly referred to as business logic. OPA works equally well making decisions for Kubernetes, Microservices, functional application authorization and more, thanks to its single unified policy language. So what’s a policy engine? And what’s policy? A policy can be thought of as a set of rules.


Prevent cloud misconfigurations in HashiCorp Terraform with Snyk IaC

We’re delighted to share new features of Snyk Infrastructure as Code (Snyk IaC) designed to support how Terraform users write, plan, and apply their configurations. With Snyk IaC, you can get immediate guidance on security configurations as you write, and scan your Terraform plans in your deployment pipelines to ensure your changes and complete configuration are safe.


Scaling for DevSecOps with the Norwegian Labour and Welfare Administration

Application development has changed, and development teams have begun supporting a model of rapid and frequent deployments to support the pace of innovation demanded by digital transformation. From an application security perspective, this means scaling through DevSecOps and supporting developer-first security. The unique challenges and solutions for shifting to DevSecOps were the subject of a recent roundtable discussion featuring Aner Mazur, Chief Product Officer at Snyk and Christer Edvartsen, Sr.


Leading SaaS innovation with collaboration and security transparency

Detectify security experts are speaking with security managers and operational defenders daily. There’s a clear division on how a modern and mature organization will approach security compared to the compliance-first organizations that are playing whack-a-mole to lock down the perimeter. Security transparency is one of the differentiators.


Public Wi-Fi Tips

Home and public wi-fi hot spots are firmly a part of everyday life, more so since COVID where many work from home as well as those public spaces setup to help relive the monotony of being stuck at home. Whether you are at home or in a public space establishing some good habits to ensure security of the data you throw over the Internet is worth focusing on.


What Is NIST SP 1800-27: Securing Property Management Systems?

In 2019, the hospitality industry suffered 13 percent of all data breaches, ranking third highest among targeted industries. It was two years later when NIST released SP 1800-27: Securing Property Management Systems to help hoteliers secure their Property Management Systems (PMS) and associated patron data.


Survey: Only 39% of Orgs Have Ability to Retain Cyber Security Talent

The cyber security skills gap was a problem prior to the pandemic. In a survey of 342 security professionals released in early 2020, Tripwire found that 83% of security experts felt more overworked going into the new year compared to how they felt at the start of 2019. Tripwire asked respondents to elaborate on that sentiment.

Patch management : How updates, patches & bugs affect your business

What is patch management? Patch management is the process of tracking security bug(s) and applying updates (code changes) on them in existing applications, software, or programs on a computer and other technologies to improve the functionality and security of already released programs installed in systems.

Recent Pipeline Attack Highlights Our Vulnerable Infrastructure

On Thursday, May 6, Colonial Pipeline, which operates a pipeline that delivers gasoline and jet fuel to nearly 45 percent of the U.S. East Coast, fell victim to a ransomware attack. The attack took over 100 gigabytes of data hostage, causing the company to halt all pipeline operations and shut down several of its systems. The attackers, identified as a criminal gang known as DarkSide, threatened to leak proprietary information unless a ransom is paid.


Safeguard Against Account Takeovers with Endpoint-to-cloud Security

Not long ago, amid the Microsoft Exchange Server attacks, Lookout Chief Strategy Officer Aaron Cockerill wrote about why cloud apps are more secure than their on-premise counterparts. That’s a really important lesson and an initial step towards securing your organization. Here’s part two of that narrative: you also need dedicated security to ensure that your cloud infrastructure and apps are secure.

Access Control #3: State of Startup Application Security

In this third episode of Access Control, a podcast providing practical security advice for startups, Ben Arent chats with Luca Carettoni, co-founder of Doyensec. Doyensec is an independent security research and development company focused on vulnerability discovery and remediation. The Teleport team has been working with Doyensec for the last two years and have worked together on security assessment for Teleport. In this episode, we’ll get a pentester's view on the current state of startup security.

Joining forces with FossID to extend developer-first security to C/C++ applications

I’m excited to announce the acquisition of FossID, extending Snyk’s developer-first security capabilities with deeper C/C++ support and enhanced license compliance! Snyk’s vision has always been to empower developers to secure their applications, enabling the speed and scale required by technology-driven companies.


Open source license compliance and dependencies: Peeling back the licensing layers

How can you successfully navigate open source license compliance? Start with the right tools to identify your dependences and calculate their risks. What if you have an open source software package licensed under a permissive license like the Apache or MIT, but inside that package are dependencies licensed under a restrictive license like the General Public License (GPL)? What are some best practices to follow?


Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey.


What are the top misconceptions about machine learning?

Many businesses are now talking about artificial intelligence (AI), and specifically machine learning, as a way to solve data problems more effectively. In theory, this sounds easy. What could be better than using AI to get a computer to learn how to solve a problem over time, without manual intervention? The reality is very different, however.


Netskope Threat Coverage: DarkSide

DarkSide is a ransomware-as-a-service platform that made headlines on May 8, 2021, for targeting Colonial Pipeline, resulting in a shutdown of their pipeline operations. The DarkSide ransomware platform first appeared in August 2020, advertising that they would not target organizations in the education, government, medical, or non-profit sectors.


You Can Now Simplify Business Decisions with DevSecOps Analytics and Reporting

Across all industries, organizations looking to succeed today must address the integrity of their software. Developing and deploying quality applications is now a foundational business effort, one that sits at the center of a growing global economy. Excellent, safe software not only drives higher productivity, but it also offers major economic benefits to the enterprise by lowering the total cost of ownership and ensuring a safe product experience.


Teleport Cloud in 2021: Security Audit Results

This year we launched Teleport Cloud, a new service for providing a hosted version of Teleport Access Plane. One of the first problems the team had to tackle was how to secure the new infrastructure properly, and the team wanted to ensure the best possible results by engaging in an independent audit. As with the Teleport core product, we engaged with Doyensec to provide an independent security audit of our production environment.


Top 5 Payment Fraud Types Banks and Merchants Should Be Aware of in 2021

Hallowe’en is still months away, but Frankenstein is out trick-or-treating even as you read this, and the operative word here is “trick”. Payment fraud criminals continue playing their games with financial institutions’ (FIs) customers and online merchants.


Snyk CNA adds flexibility in delivery with self-hosted version for AWS customers

There are several advantages to consuming software as a service (SaaS). For starters, it allows companies of any size to leverage enterprise-grade software (CRM, service desk, security, etc.) in a pay-as-you-go model to avoid spending large sums of money on shelfware that may never get put to use. SaaS also offers customers the ability to scale or change the usage of their software with little to no advance notice, and makes them more agile in delivering products to market.


Snyk streamlines procurement with AWS Marketplace Solution Provider Private Offers (SPPO)

For years now, modern organizations have enjoyed a seamless procurement experience when purchasing software products through AWS Marketplace. AWS has made it possible for customers to purchase third-party software using their allocated AWS budget while still being able to negotiate custom pricing and legal terms directly with their favorite vendors.


Norwegian DPA issues GDPR non-compliance notice to Disqus

This year has already seen over 100 GDPR non-compliance decisions. Mostly limited to regional companies, but a few have made larger news. The latest company poised to be fined is Disqus. Disqus is a commenting platform that companies can embed in their sites or applications to allow visitors to leave comments on individual articles or pages. Norway's data protection authority has notified Disqus that they intend to issue a non-compliance fine of NOK 250,000,000 (about EUR 2,500,000).


Empower your Security Team to Master SANS' Top Skillsets: Investigative Tasks

We all know the security industry mantra: it’s not a matter of if, but when and how we’ll be attacked. Recent reports of intrusion activity increasing fourfold in the last two years and a raft of alerts warning of a rise in attacks on schools, hospitals and healthcare providers, and critical infrastructure companies during the global pandemic have only reinforced this.

AppSec Decoded: Smarter DevSecOps with Intelligent Orchestration | Synopsys

In this episode of AppSec Decoded, Patrick Carey, director of product marketing, spoke with the Synopsys team responsible for bringing Intelligent Orchestration to market. Hear from Meera Rao, senior director of product management; Simon King, vice president of solutions; and Drew Kilbourne, managing director of North America security consulting, as they discuss how Intelligent Orchestration helps address the challenges for DevSecOps teams face and how this innovation is different from other application security test orchestration solutions.

A Taste of SOAR Own Medicine: Inside Siemplify's New Network & Security Operations Center, A Nerve Center Powered by Its Own Product

When Siemplify revealed roughly a year ago that it was launching Siemplify Cloud, an industry-first, cloud-native version of its security orchestration and automation (SOAR) platform, the announcement was about more than a product. “We had to change all our mindsets as a company,” recalls Alon Cohen, Siemplify co-founder and CTO. “There are different processes between being a SaaS (software-as-a-service) company and an on-premises company.”


Article Six: The highest risk of GDPR fines

Data breaches are big news. They come with a major hit to the trust customers have with a business, and even parts of the world that don't have data privacy laws will often have some form of data breach law. It might be surprising though, for those focused on GDPR, that data breaches don't account for the greatest number, and greatest monetary value, of GDPR fines.

EPHEMERAL LOCKPICKER: Malware Leveraged for Novel Intrusion Lifecycle and LuckyDay Ransomware Delivery

In 2021, Kroll investigators have had multiple opportunities to respond to a series of interconnected network intrusions, ransomware events and cyber incidents which, upon investigation and review, possessed overlapping tactics, techniques and procedures (TTPs) and similar indicators of compromise (IOC) among them. The incidents affected organizations of various sizes across diverse industry sectors through what Kroll’s investigations confirmed was a range of separate intrusion vectors.


Trend Micro launches Cloud One Open Source Security powered by Snyk

Last summer, we announced our plan to expand our partnership with Trend Micro to provide security operations teams visibility and tracking of vulnerabilities and license risks in open source components. The long-standing partnership already includes container image security scanning that leverages Snyk’s proprietary vulnerability database.

Hack my misconfigured Kubernetes at Kubecon Europe

In the last few years, we’ve seen more and more responsibilities shift left – to development teams. With the widespread adoption of Kubernetes, we’re now seeing configurations become a developer issue first and foremost. This responsibility means that developers need to be aware of the security risks involved in their configurations.

The State of Infrastructure as Code Security at Kubecon Europe

The adoption of infrastructure-as-code and configuration-as-code is soaring with the rising popularity of technologies like Kubernetes and Terraform. This means that designing and deploying infrastructure is a developer task, even if your “developer” is an infrastructure architect, and, just like application code, configurations can use test-driven methodologies to automate security prior to deployment.

Data Subject Access Request: Article 15 GDPR - The Right of Access

In today’s data-driven world, every other company and application collects a significant amount of important data and individual’s personal information such as name, email ID, address, date of birth, ID number, credit card information, and online behaviours, history and much more. Sharing data has become an essential component to many businesses and organisations; it allows the data controller and data subjects to stay connected and collaborate on many things.


Cybersecurity and Compliance for Healthcare Organizations

Amidst the pandemic overwhelming the capacity of many hospital systems, malicious hackers have been quick to target healthcare providers and medical agencies. These cyber-attacks have hit both the United States and Europe in recent months, serving as a reminder for organizations to closely review their information security posture during these times of uncertainty.


NAME:WRECK DNS Bugs: What You Need to Know

For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name.


The top 10 network security vulnerabilities for businesses in 2021

As per UK DCMS’s data breaches survey, about 32% of businesses in the UK have faced a form of cybersecurity threat between 2018 and 2019. As a result of these network security vulnerabilities, these businesses incurred costs on lost data and many other damages that totalled £4,180.


What is FIPS 140-3? The Critical Updates You Must Be Aware Of

FIPS 140-3 is the long-awaited update to FIPS 104-2 which was established on May 25, 2001. This updated validation process is finally capable of addressing the cryptographic modules that have evolved since 2001. This validation process includes testing with respect to certain standards or protocols and then the issuing of an official certificate from NIST (National Institute of Standards and Technology) confirming compliance with FIPS 140-3.


What is inherent risk? Your sensitive data could be In danger

Inherent risks are the cyber risks and vulnerabilities within an organization before security measures are implemented. In contrast, residual risk is calculated after cybersecurity protections have been put in place to protect against all of these inherent risks; its calculation includes every possible attack vector that could affect a system or data.


Weekly Cyber Security News 07/05/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. With images of all the best spy movies out there, you just can’t help enjoy this one. While its not possible to control the driving of the car, flinging the car doors open at speed might have an interesting effect on the occupants (and allow our spy to gain access of course while swinging from the drone).


Product Update: Address Net Model for Address Verification

Complex address systems and its verification have continued to be a big riddle for technology companies. Currently address verification is done manually by matching the address mentioned in the identity document with the address filled in any kind of application form filled by the customer.


4 Reasons Cloud-Native Organizations Benefit from Cloud-Native Logging and SIEM

For cloud-native organizations — those begun in the past decade or so — obtaining critical services from other cloud-native companies makes sense. After all, the whole point of being cloud native is to avoid physical infrastructure wherever possible. You want to focus on your business, not managing the systems and infrastructures that support it. That strategy applies to your logging and security information and event management (SIEM) solution, as well.


SuiteCRM: PHAR deserialization vulnerability to code execution

SuiteCRM is a free and open source Customer Relationship Management application for servers. This advisory details a PHAR deserialization vulnerability that exists in SuiteCRM which could be leveraged by an authenticated administrator to execute commands on the underlying operating system. This issue has been fixed in release 7.11.19. In PHP, PHAR (PHP Archive) files can be used to package PHP applications and PHP libraries into one archive file.


Password security tips and best practices for enterprises

In honor of World Password Day, we’re doing our part to help keep your business secure by discussing the good, the bad, the ugly and the critical about passwords. Let’s face it: between all the logins we need for work and all the accounts we use in our personal lives, there are too many passwords to remember. So many of us do what seems natural—use the same password for multiple accounts.


NSA offers advice: connecting OT to the rest of the net can lead to "indefensible levels of risk"

The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack.


A Real-World Look at AWS Best Practices: IAM User Accounts

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

Ask SME Anything: What are the major transformations behind SASE architecture?

In this episode of Ask SME (Subject Matter Expert) Anything, Netskope’s Michael Ferguson explains the origin of SASE and how it is changing the way we look at data and cloud security. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.