May 2021


Data Loss vs. Data Leaks: What's the Difference?

Data loss refers to the unwanted removal of sensitive information, either due to an information system error or theft by cybercriminals. Data leaks are unauthorized exposures of sensitive information through vulnerabilities on the digital landscape. Data leaks are more complex to detect and remediate; they usually occur at the interface of critical systems, both internally and throughout the vendor network.

Working From Home - Is It Safe? (Cybersecurity Roadmap Webinar Cuts)

It is no secret that cybersecurity has grown in importance, especially in a work-from-home world. During this webinar, we review several important security solutions and hires to add to your 2021 roadmap, as well as tips on how to defend the need for them in front of senior management or the board.

How can eCommerce portals make shopping secure?

ECommerce security protects your company and customer data from cyber-attacks and malicious bots. As an eCommerce business owner, you must ensure that all data is handled securely to avoid a breach. Poor eCommerce security can have many negative impacts on a business. Customer trust relies on great customer experience, and when customers enter their personal details into your website, they expect it to be protected.


An Introduction To Cloud Security Posture Management (CSPM)

Many organizations are equipped to handle insider threat and external, common well-known challenges (like malware, for instance). These so-called “intentional” threats can be addressed through proactive security measures and best practices. But what about the unintentional risks that come with operating in a cloud-first environment? Unintentional mistakes, such as misconfiguring cloud infrastructure, can be equally devastating.


How to Comply with CPS 234 (updated for 2021)

Prudential Standard CPS 234 Information Security (CPS 234) is an APRA prudential standard. Australian Prudential Regulation Authority’s (APRA) mission is to establish and enforce prudential standards designed to ensure that, under all reasonable circumstances, financial promises made by its regulated entities are met within a stable, efficient, and competitive financial services sector.


The Colonial Pipeline ransomware attack and the reported demise of DarkSide

On Friday, 7th May, the organisation confirmed that a ransomware attack had forced it to shut down all its IT infrastructure – an infection attributed to the DarkSide cybercrime gang. However, just one week later, amid reports that a ransom of around $5 million had been paid out, DarkSide announced that it had stopped operating entirely.


Complete Cyber Security Jargons by Appknox

Cyberattacks are getting common and their impact is quite severe. Security breaches are no longer limited to a few large tech companies. Cybercriminals have rapidly altered tactics and started targeting several Small and Medium Enterprises (SMEs) as well. Today, companies, big or small, are targets of ransomware, viruses, malware, bots etc. Hence, it is important to understand some of the common cybersecurity keywords or jargon.


Asymmetrical threats in Cybersecurity

Security and defense theory are inextricably entwined. Consider medieval castles. They were designed as a defensive mechanism that provided security to those within, most of whom were simply civilians hiding behind the walls for protection from invaders. Within cybersecurity, multiple concepts from defense and war theory can be applied to better address the cyber risks facing organizations. In fact, the term Bastion Host derives from "bastion", a word with very militaristic connotations.


How mob programming and sourcing jams activate collaboration at Detectify

Collaboration Rules is a company core value and at the heart of Detectify. It drives innovation and productivity in our organization, and activates our ability to build products to drive the future of internet security. Two of the methods we use for collaborating are Mob Programming in Engineering and Sourcing Jams in the Talent Acquisition team. At Detectify, collaboration is the way forward, so let's dive into these use cases and what we learned.


Do you need a DPA from subprocessors?

When it comes to GDPR compliance, contracts are some of the most powerful tools you have to show to regulators. They allow you to receive legal guarantees from your service providers and third parties that protect you from liability in the event of a breach in compliance. You aren’t off the hook for everything, but at the very least you won’t be liable for negligence.


Shift-Left Testing: What It Is and How It Works

If your development team isn’t yet using shift-left testing, you could be wasting time, money, and energy. Teams that practice shift-left testing are able to identify potential roadblocks early in the process, change scope when needed, and improve design to avoid buggy code. When a bug does occur, it can be identified and dealt with quickly so as not to impact the project later on. Shift-left testing proposes to help agile teams become more agile.


How secure is your Magento website?

There are more than 250,000 merchants using the Magento open commerce platform around the world, resulting in millions of users accessing a Magento website every day. That was before the Covid-19 pandemic hit and drove a colossal surge in online activity and, unsurprisingly, consumers significantly exceeded spending predictions. In 2019 there were two days of digital sales that reached $2 billion, and in 2020 there were more than 130.

Logsign SOAR

Logsign Security Orchestration, Automation, and Response (SOAR) enables you to streamline your security operations and improve the maturity of your security stack on a centralized and comprehensive platform. Automate your workflows, orchestrate your tools and people, and reduce response times.

What is Application Vulnerability Correlation and Why Does it Matter?

As applications become more complex, and attack vectors grow more sophisticated, the critical importance of comprehensive software security testing emerges. These days, application testing has become synonymous with risk mitigation, as organizations continue to embrace security at all stages of the software development life cycle (SDLC). This effort includes automation, which helps to reduce the labor of testing and ensures applications are secured without impacting velocity.


Press Release: LogSentinel's participation in the project for support and growth of SMEs has ended successfully

28th May 2021 Sofia, Bulgaria – LogSentinel, the innovative provider of cybersecurity solutions, announced that its participation in the project for support and growth of small and medium enterprises (SMEs) through the implementation of voucher schemes by BSMEPA has ended successfully.


Improving Web Security User Experience with HTTP/2

More than half of websites today support HTTP/2 for an improved user experience as web developers continue to move off HTTP/1.1. That's for several good reasons. HTTP/1.1 can support six concurrent TLS tunnels with one session each to download web objects in popular web browsers, but HTTP/2 uses multiplexing to support thousands of sessions in one TLS tunnel and download web objects much faster.


Easily Automate Across Your AWS Environments with Splunk Phantom

When running Splunk Phantom with AWS services, it can be tricky to make sure Splunk Phantom has the right access. When you’re managing multiple AWS accounts, the effort to configure Splunk Phantom’s access to every account can feel insurmountable. Fortunately, Amazon has the Security Token Service to solve this problem with temporary credentials, so we’ve integrated it with Splunk Phantom!


Code Blue: Healthcare Security in the Age of 5G and Remote Work

Last year was an especially stressful time for healthcare systems. Not only were emergency rooms overwhelmed by patients, a number of them were also hit by system-crippling cyberattacks. According to Comparitech, in 2020 alone, 92 ransomware attacks affected over 600 healthcare organizations, exposing more than 18 million patient records. These attacks brought operations to a standstill for days or weeks at a time, costing the healthcare industry an estimated $20.8 billion.


Top Tips for Technical Due Diligence Process

We all dream of creating the next big thing: getting that investment that will help us over the finish line, landing a partnership with one of the big players, or getting acquired by a global enterprise. But as we race to keep ahead of the market and surprise our customers with bigger and better offerings than they ever imagined, we have to pass that dreaded series of hurdles: technical due diligence.


Ways to setup Squid proxy server and helpful tips

A Squid proxy server has two major functions. First, it is an intermediary proxy. Second, it provides cache services for popular network protocols including HTTP and FTP. Together, proxying and caching make for a better internet user experience: proxies provide added layers of security, and caching makes loading faster. Obviously, getting both services from a single provider is highly efficient.

The New Threat Landscape for Australian Healthcare

The COVID-19 pandemic has fundamentally shifted the cyber threat landscape for Australia's health sector, with the Australian Cyber Security Centre (ACSC) reporting an 84% increase in the number of cyber security incident reports relating to the health sector between 2019 and 2020.1 As custodians of vast volumes of highly sensitive information, the industry continues to find itself at the mercy of cyberattacks that paralyze systems until a ransom is paid—threatening the security of patient d


What Are the HIPAA Standard Transactions?

The Department of Health and Human Services (HHS) defines a transaction as an electronic exchange of information between two parties, to carry out financial or administrative activities related to healthcare. For example, a health care provider will send a claim to a health plan to request payment for medical services.


What is Cybersecurity Risk Management?

Every time you log on to the Internet, you put your IT systems and the data you handle at risk. At the same time, it’s also impossible to run a successful business without going online, so a key element of modern business management is a strong cybersecurity risk management program. Why? Because the only people in the cybersecurity field working harder than software engineers are the criminals trying to find a new way to breach the latest network security measures.


Cryptocurrency scam attack on Twitter reminds users to check their app connections

Are you doing enough to prevent scammers from hijacking your social media accounts? Even if you have chosen a strong, unique password for your online presence and enabled two-factor authentication it’s possible that you’ve overlooked another way in which online criminals could commandeer your social media accounts and spam out a message to your followers.


Expanding the Netskope-Microsoft Relationship: Microsoft Intelligent Security Association

Netskope is proud to be a member of the Microsoft Intelligent Security Association! We provide a deep and effective ability to leverage the Microsoft Azure Information Protection (AIP) and Microsoft Information Protection (MIP) feature sets available to E3 and E5 customers who are connecting not only to Microsoft cloud services, but to a wide range of non-Microsoft cloud storage solutions and Internet services.


Snyk debuts on 2021 CNBC Disruptor 50 List at #15

We are honored to share that Snyk has been named to the ninth annual CNBC Disruptor 50 List, coming in at #15! The full list, unveiled earlier this week, identifies 50 private companies “aligned with today’s rapid pace of technological change and poised to emerge from the pandemic as the next generation of business leaders.” The pandemic accelerated digital transformation and associated cybersecurity concerns.


Protecting data when migrating Confluence and Jira from on-prem to cloud

Atlassian made a big splash in cloud SaaS news when they announced that the company would stop selling new on-prem server licenses as of February 1, 2021. Upgrades of existing server licenses will continue to be available through the third quarter of 2022. Impacted services include Jira Software Server, Jira Core Server, Jira Service Desk Server, Confluence Server, Bitbucket Server, Crowd Server, Bamboo Server, Atlassian-built apps, and Atlassian Marketplace server apps.


The Right Steps to SASE: Gain Awareness and Visibility

The following is an excerpt from Netskope’s recent book Designing a SASE Architecture for Dummies. This is the second in a series of seven posts detailing a set of incremental steps for implementing a well-functioning SASE architecture. The first step in solving any problem is admitting there is one.


Elevating the Customer Experience with Expanded OAuth 2.0 and OpenID Connect (OIDC) Support

Consumers are notoriously impatient when it comes to poor digital experiences. According to the ForgeRock: The New Normal survey, 35% of consumers will cancel or delete your app if they have trouble logging into your service. And 32% will switch to your competitor. Ouch!

Overcoming The Challenges Of Selecting An Insider Threat Detection Tool

In a crowded market with so many new products being released, it can often be hard to make sure you're getting the right tool for your organization's security needs. Purchasing an Insider Threat Detection tool for your organization requires extensive research, which can be very time-consuming.

Tripwire Tips and Tricks: Five Things to Do With MITRE ATT&CK

In this session of the Tripwire Tips and Tricks series, you'll learn how to use the MITRE ATT&CK framework to protect your organization from cyberattacks. Tripwire Security Researcher David Lu will walk you through five key use cases for the framework, helping you deepen your understanding of mapping defensive controls to the framework, threat hunting, incident response, and more.

Egnyte and Microsoft Now Empower Co-Editing for Desktop and Mobile

With today’s distributed workforce, it’s essential to have the right tools to collaborate with co-workers. Now with the Egnyte Microsoft Office integration, users can co-edit on Microsoft documents in real-time from the Office Desktop apps. Users now have a choice to use their preferred device.


Securing containers on Amazon ECS Anywhere

Amazon Elastic Container Service (ECS) Anywhere enables you to simply run containers in whatever location makes the most sense for your business – including on-premises. Security is a key concern for organizations shifting to the cloud. Sysdig has validated our Secure DevOps platform with ECS Anywhere, giving AWS customers the security and visibility needed to run containers confidently on the new deployment model.


SASE as a Service: The role of managed services in the world of network security convergence

The next iteration in the history of technology convergence emerged with Gartner’s Secure Access Service Edge (SASE). Networking and security vendors have been integrating capabilities for decades, and market adoption of these integrations has only accelerated due to innovations such as virtualization and cloud computing. From a networking perspective, routing of traffic extends far beyond IP and MAC addresses to now include application steering and transport-agnostic overlay networks.


Seeker and Red Hat: Security and speed come together

Security and speed in software development are not mutually exclusive. Red Hat, the open source software giant, and the Synopsys Software Integrity Group are joining forces to prove it. Synopsys is bringing Seeker®, its automated interactive application security testing (IAST) tool, to Red Hat application runtimes like JBoss EAP, OpenJDK, and WebSphere with OpenShift Container Platform to secure a variety of software applications.


What Is NIST?

NIST is the abbreviated name of the National Institute of Standards and Technology. It's one of many federal agencies under the U.S. Department of Commerce, and is one of the oldest physical science laboratories in the United States. As a non-regulatory government agency, NIST was originally founded to enable greater industrial competitiveness in the United States. Its focus stems from the mantra, "One cannot manage what is not measured."


Cloud and Threat Report: Gone Phishing

The total number of phishing attacks doubled in 2020, with phishing for cloud credentials, specifically SaaS and webmail app credentials, accounting for nearly a third of the targets of phishing campaigns. Over the same period, we saw cybercriminals hosting 13% of their baits in cloud apps. This blog post summarizes the top phishing trends from 2020 and looks forward at what to expect for the rest of 2021.


Uncovered: Little-known scalper tactics beyond bots

Scalpers are becoming increasingly sophisticated, not just in their use of advanced bots, but also in less obvious ways to get a hold of their desired goods. Here at Netacea we are dedicated to preventing fraud by monitoring, identifying and stopping malicious bots in their tracks. We are so steadfast in this goal that we have even created a MITRE ATT&CK style framework that defines automated attack kill chains – NetBLADE (Netacea Business Logic Attack Definition).


Snyk uncovers supply chain security vulnerabilities in Visual Studio Code extensions

We have been witnessing an ever-growing number of supply chain security incidents in the wild: everything from open source package manager security flaws being exploited, to continuous integration systems being compromised, to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.


Deep dive into Visual Studio Code extension security vulnerabilities

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!


Inherent Risk vs. Residual Risk (Quick Explanation)

Inherent risks include all risks that are present without any security controls. Residual risks are the risks that remain after security controls are implemented. Residual risks are inevitable. Even with an abundance of security controls, vestiges of residual risk will remain that could expose your sensitive data to cyber attacks. This is because the proliferation of digital transformation expands the digital landscape, creating more attack vectors.


Devo Insights on the White House Cybersecurity Executive Order

The recent executive order calling for immediate improvements in the federal government’s cybersecurity is impressive. I give the Biden Administration a lot of credit for publicly admitting there are significant problems and weaknesses in the federal government’s IT and cybersecurity infrastructure and practices. The order also includes some key points that are significant for Devo and our customers.

Ask SME Anything: Which legacy technologies are being made obsolete by SASE?

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

A Fifth of IT Decision-Makers Not Confident in Their OT System Security, Reveals Survey

Attacks against operational technology (OT) and industrial control systems (ICS) grew dramatically in the past few years. Indeed, a 2020 report found that digital attacks against those two kinds of assets increased by over 2000% between 2018 and 2020. Many of those attacks involved vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems and other ICS hardware components or password spraying techniques.

How to tackle healthcare security threats. Top 6 Healthcare Security Best Practices

Good healthcare security practices, a prescription for healthcare: reduce the attack likelihood; reduce the attack impact; tactical patch management; protecting medical devices; third-party risk management. Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

King & Wood Mallesons CISO relies on Elastic to "spot and identify" security threats

King & Wood Mallesons (KWM) is among the world’s most innovative law firms and is represented by 2,400 lawyers in 28 locations across the globe. The international law firm, based in Australia, helps clients flourish in Asian markets by helping them understand and navigate local challenges and by delivering solutions that provide clients with a competitive advantage.


Detecting CVE-2021-31166 - HTTP vulnerability

In this blog we aim to provide a little insight into part of the lifecycle of Corelight Labs' response to a critical HTTP vulnerability. We've open-sourced many such responses over the last year, and this one is a good demonstration of the evolving nature of the threat landscape. It also serves to highlight some issues we track through development of these packages. Similar to our response to the SolarWinds incident, there are two high-level questions that we aim to shed light on.

Types of Cryptography Attacks

Cryptography is the essential practice of hiding information in transit to ensure that only the intended receiver can view it. IT experts achieve this by encoding information before sending it out and decoding it on the receiver's end. Using an algorithm, IT experts can encrypt information using either symmetric or asymmetric encryption. However, cryptosystems, like any other computer system, can be attacked.

Cryptocurrency trading bots: Strengthening Cybersecurity and minimizing risks

A staggering $1.9 billion in cryptocurrency was stolen by criminals in 2020, a recent report by Finaria reveals. Fortunately, despite the growth of the crypto market, crypto crime has decreased by 57% since 2019, dropping to $1.9 billion. The widespread recent implementation of stronger security measures also means crypto-criminals stole 160% more in value in 2019 than in 2020, despite the similar number of crimes.


A CISO's guide to sensitive data protection

As companies become more digitized, they must take appropriate steps in their application security processes to ensure data protection. The SolarWinds software supply chain attack, which was delivered to over 18,000 customers via the company’s own software update process, was the result of malicious code deployed in SolarWinds’ Orion network monitoring software.


Cloud Threats Memo: Keeping Distributed Workforces Secure

Thanks to the growing availability of vaccines and immunization campaigns in multiple countries, the world is starting to see a light at the end of the COVID-19 tunnel. We are eager to return to a new normal, being aware that some changes will be permanent, or if not permanent will strongly characterize the next years.


Snyk takes on responsibility for Node.js ecosystem vulnerability disclosure program

As announced last week by our good friends at the Node.js Foundation, Snyk has agreed to take over the amazing Node.js ecosystem vulnerability disclosure program. As a company that's been part of this program from a very early stage — and has been inspired by it to create our own multi-ecosystem disclosure program — it is a great honor to have been entrusted with this responsibility, and we thank the Node.js Foundation sincerely for their trust in this matter.


The Colonial Pipeline Ransomware: Why It's Hard To Be Protected

After every major cyberattack, security vendors like LogSentinel are expected to write something on preventing future similar incidents, probably involving their technology. And yes, we do have a ransomware prevention page that outlines the key features of LogSentinel SIEM to fight against ransomware. But it’s much more complex than that. What everyone in the industry knows is that in order to not be affected significantly, you have to have a proper off-site backup.


Privacy Impact Assessment - PIA vs DPIA (GDPR)

Before GDPR, PIAs (Privacy Impact Assessments) were a thing. This topic covers the privacy impact assessment, its purpose, PIA vs DPIA, and the underlying context of GDPR compliance. Things changed when the General Data Protection Regulation (GDPR) came into existence; it has significantly changed the concept of data privacy and security.


Critical Mobile Security Capabilities Everyone Needs

One thing that 2020 taught us is that you can do anything with a mobile device. My smartphone and tablet have become my go-to for shopping, banking, watching TV and video chatting with family and friends. I'm also getting a lot of work done on them. Basically, they have become the center of both my personal and professional lives. Here's the dilemma a lot of organizations are facing: while away from the office, your workers are using their mobile devices to stay productive.


What is Unified Policy as Code, and Why Do You Need It?

Uptime. Reliability. Efficiency. These used to be perks, elements of forward-thinking and premium-level enterprises. Now they’re a baseline expectation. Today, consumers expect information, resources, and services to be available on-demand, updated in real time, and accessible without fuss. Imagine trying to Google something or place an order from Amazon only to be told, “Please try again in 48 hours. Sorry for the inconvenience.”

Upload Binaries to Scan with Veracode Static for Eclipse

In this video, you will learn how to prepare a build of your application using Veracode Static for Eclipse and upload the build to a new or existing application profile in your Veracode portfolio. Veracode Static for Eclipse is a plugin for the Eclipse IDE that enables you to upload binaries to Veracode for static analysis. You can work with the scan results from within Eclipse to review and mitigate security findings in your applications.

Harnessing security expertise to power SAST and Code Security

Join us for a live stream with Benji Kalman, Director of Security RnD at Snyk, to talk about his experience in security research and managing the Security team over at Snyk. We'll talk about his role, what his day-to-day activities are like, what the challenges are, and then connect it to the deep security expertise that helps augment secure coding via Static Application Security Testing (SAST) tools.

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and minimize mobile security risks.


Data Protection Impact Assessment (DPIA) GDPR - meaning, methodology and more!

A DPIA is a Data Protection Impact Assessment. It's an assessment of the likely impact on data subjects (individuals) and their rights, both regarding privacy and freedom to conduct business. The goal: to identify, before beginning a new process involving personal data, what measures might be needed for compliance with GDPR or equivalent legislation elsewhere in the world, making clear how the individual's rights are affected by the project.


What Makes a Security Analyst Successful? Investigative Thinking

The new SANS 2021 Report: Top Skills Analysts Need to Master analyzes the need for organizations to invest in improving their security operations and identifies the skills analysts must master to support this initiative. Characterizing an analyst as essentially an investigator, the SANS report breaks the investigative process down into two primary areas: Investigative Tasks and Investigative Thinking.


New Executive Order Forces Federal Agencies to Rethink Log Management

Last week President Biden issued a widely publicized executive order to improve cybersecurity and protect federal government networks. The order comes in the wake of several prominent attacks against public-sector and private-sector infrastructure in recent months including last week’s Colonial Pipeline ransomware attack that disrupted fuel supplies and triggered gasoline shortages in the Southeast.


Haidrun enters blockchain market with next-gen enterprise solution

Tech start-up Haidrun has announced its arrival in the fast-growing blockchain market with the launch of its new Haidrun private blockchain platform. With early generations of blockchain offering robustness and trust, but at the expense of confidentiality, performance and cost, Haidrun’s new technology is designed to bridge this gap and specifically address the needs of enterprise customers.


Building a complete network security checklist

Understanding what to audit in a network can be chaotic and confusing. Building a complete network security checklist is crucial for organizations with computers connected to the internet or to each other. Think of it like an antivirus scan you might run on your computer to find Trojans or malware, except you’re scanning your entire network to find anything that may cripple it.


New SMS Phishing Campaigns Target Retail Customers

SMS-based phishing attacks are nothing new. They've been around in one form or another since the technology became mainstream in the mid-90s, and more so since the introduction of smartphones a decade and a half ago. However, in their latest incarnation, AKA smishing, such attacks are increasingly executed on a scale never seen before. In the last couple of months, Cyberint has seen an increase in SMS phishing attacks targeting the customers of retail companies.


AWS IAM security explained

AWS Policies are a key foundation of good cloud security, but they are often overlooked. In this blog, we take a quick look at some AWS Policies, particularly for Identity and Access Management (IAM), that could become problematic if not properly managed. We'll discuss how they can be used against us to enable attacks such as ransomware, data exfiltration, credential abuse, and more. Finally, we'll suggest some open source tools for cloud policy assessment and pentesting.


Picking the Right Comprehensive Threat Detection Solution

A slew of recent changes, particularly the massive shift to remote work following the pandemic, has rapidly redefined the cybersecurity threatscape. In the new cyber normal, organizations face the security dilemma of keeping existing tools versus adopting solutions to protect them against today's threats.


DigitalOcean vs Linode

Chances are, if you’re shopping for a virtual private server, you already understand why they’re useful for web developers, app designers and everyone in between. You also probably know that the surge in popularity of hourly pricing means you can try most of the big players in this space for yourself for the cost of one Bazooka Joe comic (not even the gum, just the comic).


How to protect your Wi-Fi devices from new FragAttacks vulnerabilities

Fragmentation and aggregation attacks (FragAttacks) are WLAN vulnerabilities discovered by Mathy Vanhoef, who created this webpage to provide more information about them. Three of these vulnerabilities are 802.11 specification design flaws, and they are probably as old as the 802.11 specification itself. Aggregation was added in 802.11n, which means this vulnerability has been in the design for over 10 years. Nine of these vulnerabilities are implementation flaws.


Introducing Snyk Preview: Early access to Snyk features

In 2020, over 30 new major features were released across the Snyk platform — in Snyk Open Source, Snyk Container, Snyk Infrastructure as Code, and Snyk Code. While both our development and product teams deserve credit for Snyk’s rapid pace of development, our users also play an important role by continuously providing us with their feedback and insight. Our ultimate goal is to help development and security teams be successful in mitigating risk.


Continuous dependency updates: Improving processes by front-loading pain

This is a story of bringing the pain forward, begging forgiveness, and continuous improvement. In the early days of Manifold — long before we joined Snyk — we were building an independent marketplace for developer services (like databases or transactional email senders). The structure of our code was typical: we had a React frontend app, and a collection of Go microservices talking to a database. A typical structure meant we had typical problems, too.


Veracode and Finite State Partner to Address Connected Device Security

Over the past decade, we have seen the rapid adoption and expansion of connected devices and embedded systems among businesses. This includes anything from the Internet of Things (IoT) to connected medical devices, building systems, Industrial Control Systems (ICS), and other devices that power our lives and our infrastructure.

The biggest cyber risks for healthcare providers and how to tackle these security threats.

Security threats in healthcare relate to the safety of the clinical and administrative information systems of hospitals and healthcare service providers. Increasing cyber attacks on healthcare organisations in the last few years have been faster than the improvements in healthcare security practices. In this article, we discuss the cyber security threats and vulnerabilities of hospitals and healthcare providers, followed by best security practices aimed at improving security posture.

Superior Integrity Monitoring: Getting Beyond Checkbox FIM

If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can write an app or a script to gather the checksum of a file, compare it to a list or baseline, and tell you whether or not said file has changed.


"Network Security" the Biggest Concern for Public Cloud Adoption, Reveals Survey

Cloud misconfigurations represent something that’s plaguing many organizations’ cloud adoption efforts. For example, a 2020 report found that 91% of cloud deployments contained at least one misconfiguration that left organizations exposed to potential digital threats. Those weaknesses contributed to more than 200 data breaches between 2018 and 2020, noted SC Magazine, with those security incidents exposing more than 30 billion records.


Detecting and Mitigating CVE-2021-25737: EndpointSlice validation enables host network hijack

The CVE-2021-25737 low-level vulnerability has been found in Kubernetes kube-apiserver where an authorized user could redirect pod traffic to private networks on a Node. The kube-apiserver affected are: By exploiting the vulnerability, adversaries could be able to redirect pod traffic even though Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range.


Securing the new AWS App Runner service

In its mission to simplify building and running cloud-native applications for users, Amazon has announced the GA of AWS App Runner, a new purpose-built container application service. With security top of mind for most organizations shifting to the cloud, Sysdig has collaborated with AWS to enable threat detection for the new platform.


OWASP Top 10: Insufficient Logging & Monitoring Security Vulnerability Practical Overview

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a timely manner, a failure that can cost millions.


What the Cyber EO means for federal agencies

For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises. However, it is a step toward accelerating the modernization of public and private infrastructure upon which the nation relies.


Impact of GDPR on Cloud Service Providers

Cloud computing is an integral part of most businesses globally. Technology has transformed the way businesses operate and thrive in the industry. However, the cloud industry has been facing huge challenges when it comes to complying with various data protection and data privacy standards. With the enforcement of the General Data Protection Regulation (GDPR), a lot has changed for most businesses.


What's new and changed in CIS CSC version 8 - IG1

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.


Cloud Threats Memo: How Contact Tracing and Personal Cloud Apps Led to a Huge PII Exposure

COVID-19 contact tracing and personal cloud apps, what could possibly go wrong? A recent federal lawsuit, filed against the state of Pennsylvania and a vendor contracted by the state’s Department of Health, provides an interesting answer. The vendor in question was contracted “to provide contact tracing and other similar services” following the outbreak of COVID-19 in March 2020.


Weekly Cyber Security News 21/05/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. This first article makes a really good point about how ludicrous the apathy toward tightening exposed services is. The cloud providers have done a lot to make it obvious when vulnerable services are exposed, but no, people still can’t follow such advice, or simply ignore it. Is it lack of capability? Ignorance? Cost cutting? Maybe all of them.


How to design Data Safety into your cloud

What is Data Safety, why is it important, and how do you go about designing it into the foundations of your data environment? When you see the phrase "Data Safety", the chances are you think of Data Security. Most people do. What is far less likely is that you think of the other two pillars of Data Safety: Data Privacy and Data Governance. Clearly, all three pillars overlap.


Data privacy programmes deliver more than privacy adherence

Reduced costs, new revenue streams, greater customer trust and new markets. The best data privacy programmes are granular. They assess the root of every data source, the nuances of every data use and the specifics of every way in which data is stored and shared. From that granular visibility, liabilities can be identified and appropriate remedies put in place that carefully balance the demands of the data subjects with the needs of the business.


Reporting a GDPR data breach

In order to understand how to report a data breach, we first have to know what a data breach actually is. Under the GDPR, a personal data breach is “the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.” This covers a wide range of scenarios, some of which might be surprising. The following would all be considered as data breaches under the GDPR.


Live From RSAC: Anne Neuberger Addresses President Biden's Executive Order on Cybersecurity

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, addressed President Biden’s executive order at the virtual RSA Conference this week. The executive order, announced on May 12, 2021, aims to safeguard U.S. cybersecurity and modernize cybersecurity defenses. As Neuberger explains, this executive order couldn’t come at a more critical time.


What is Residual Risk? Why it Matters So Much in 2021

Residual risk is the threat or vulnerability that remains after all risk treatment and remediation efforts have been implemented. Even with an astute vulnerability sanitation program, there will always be vestiges of risk that remain; these are residual risks. Because they will always be present, the process of managing residual risk involves setting an acceptable threshold and then implementing programs and solutions to mitigate all risks below that threshold.


The Colonial Pipeline Incident Fallout and Building Zero-Trust

Back in March, a hacking group known as DarkSide began a campaign against Colonial Pipeline’s IT network and billing systems. On May 7th, Colonial publicly announced the attack, shut down servers and some pipelines, and paid DarkSide $4.4M in ransom. On May 12th, Colonial restored operations and announced fuel delivery timelines amidst panic buying at gas stations.


Live From RSAC: Disinformation: As Dangerous as Cyber and Physical Threats

In today’s digital world, we practically live on our phones or computers. Chances are, you don’t go more than 15 minutes without checking your email or social media. And you probably get most of your news from the Internet. But how do you know what information is real? Two different news sites might be giving a different opinion of the same story. Take the presidential election, for example. There was a frenzy of fake news trying to sway voters in one direction or the other.


Baseline Security (Posture) Monitoring is the New Breach Monitoring

As part of the 2021 MSP 500 project, CRN asked MSPs to describe their most significant challenges for 2021. Their answers ranged from 'finding and hiring highly trained new employees' to 'fulfilling clients' sophisticated IT security needs whilst sustaining business in the saturated MSP market.' In 2021 the cybersecurity threats have taken different shades and have compelled the MSPs to refine and increase their security offering to stay relevant and thriving in the market.

Cyber Insurance: Insuring the Intangible

Whichever way you look at it, the talk around cyber has been gathering steam. Plenty of commentators on the insurance market have predicted that 2021 will be the year that cyber insurance comes into its own. Cyber risks are constantly shifting, and personal and commercial insurance is fast becoming a must-have. However, it’s hard to draw the line between the two as remote working becomes more common, so insurers are finding it difficult to write cyber in a general sense. Demand won’t drop off though. Nor will the threats.

Egress Human Layer Security Global 2021 on demand

The way we work has fundamentally changed. As business leaders and organisations look ahead to a post-pandemic workplace, one thing is clear: it will be highly flexible and mobile. Join Human Layer Security Global to hear from industry thought leaders and top brands about how this changes insider risk and what you need to do to keep sensitive data secure now and for the future.

Strategic roadmap to ensure Exchange security

With the quantum leap in the adoption of remote work environments, cybercriminals are turning their attention to the security vulnerabilities in these environments. On top of this, protecting remote connections is becoming increasingly difficult because hacking techniques have become more sophisticated. At ManageEngine, we’ve designed a seven-step strategy to help ensure holistic Exchange security: Detect attacks before they cause damage


Confessions of an Information Security Engineer

Here’s the story of an information security engineer whose organization urgently needed a new security log management stack that would enable him and his peers to not only survive but really thrive. In this Log’s Honest Truth podcast, presented in partnership with ITSP Magazine, Julian Waits, GM of the Devo cyber business unit & public sector, discusses the confessions of “Mr. B,” an information security engineer. Mr.


Avaddon Ransomware Attack Hits AXA Philippines, Malaysia, Thailand and Hong Kong

The AXA Group has been targeted by ransomware and the threat actors have publicly announced this incident. AXA Group’s IT operations were affected regionally in the Philippines, Thailand, Malaysia and Hong Kong. The data held hostage, amounting to approximately 3 terabytes, consisted of customers’ personally identifiable information, health records, medical claims, patients’ personal health conditions, photos of IDs and passports, bank documents, and hospital invoices.


Does Your Threat Intelligence Solution Have These Essential Features?

Threat intelligence solutions provide security teams with critical context on cybersecurity vulnerabilities and the threat actors seeking to exploit them. This helps organizations to respond proactively and efficiently to threats. Yet while all threat intelligence tools offer the core feature of basic information about cybersecurity threats, they vary significantly in the ways they make available that data.


Biden's Cybersecurity Executive Order Focuses on Supply Chain Attacks

“The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The Federal Government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors.”


What is a trusted advisor? ...and why do I need one?

Organizations today, even those not related to "tech", all have a need for cybersecurity. Regardless of your industry vertical, if you have email, a website, a phone system, or even just have people using computers, cybersecurity is needed at some level or another to protect your ability to do business.


What is API Security and how to protect them

APIs are a key part of modern web application development, transforming how organizations build, manage, and scale their web and mobile services. In this blog we discuss why APIs are the new frontier of web application security, highlighting the growing challenges of API security risks and sharing best practices for preventing API attacks.


6 Key MSSP Obstacles That Can Be Solved With Automated and Integrated Security Operations

The pandemic spared no one and created disruption for everyone. But adversity can bring opportunity, and many of the businesses that prospered because of COVID-19 were the ones able to offer customers something that the crisis took away from them. (Raise your hand if you or someone you know purchased – or at least thought seriously about buying – a Peloton.)


How to cyber security: Leverage AST solution data to make risk-based decisions

AST solutions provide insights to help organizations make more-informed decisions about their security investments. By now, everybody is familiar with the fundamental value of using application security testing (AST) solutions. You do security testing as part of a secure software development life cycle, you find security bugs, you fix them, and the software you release has a lower risk of being compromised, interrupted, or otherwise abused by attackers.


What are the PCI DSS Password Requirements?

The PCI DSS compliance password requirements are mandated by Requirement 8 of the Payment Card Industry Data Security Standard (PCI DSS). Password compliance plays a key role in the PCI standards because it dictates the password complexity necessary to help an organization better defend its systems against unauthorized access.


The Right Steps to SASE: Understand Where You're Going

When undertaking a new project, the need to deliver quantifiable results today (or at least very quickly!) is a significant challenge facing a CIO, CISO, or anyone with high-level responsibility for enterprise networking and security. Unlike typical IT projects where long development cycles may be tolerated, security must demonstrate value right away and deliver quick wins. Vulnerability is scary.


Streamlining Security Incident Management & Responses

In order to get a grasp on how to ease security incident management and response processes, there are terms to be clarified first. First of all, a security incident is the common name of an attack towards an organization’s cybersecurity system, network, or data in general. In addition, TechSlang also includes successful attacks within the term “incident”. Therefore, whether impactful or not, all types of attacks, violations, or exploitations can be described as security incidents.

Hardened Access - Dual Authorization for Roles & Per-session MFA with Yubikeys

This webinar is a deep dive into how companies can harden access to Teleport with two new features in Teleport 6.1. These include creating dual and multi-authorization rules, requiring multiple team members to approve role escalation. This is an important FedRAMP control (AC-3) and increases the visibility and auditability of access. We’ll show how you can enforce per-session MFA with the aid of hardware tokens, reducing the scope and risk related to certificate exfiltration.

Live From RSAC: Is Digital Transformation Making AppSec Headless?

Chris Wysopal, Veracode Co-Founder and CTO, recently sat down with Tom Field, ISMG Senior Vice President of Editorial, for an executive interview at the RSA Conference 2021 to discuss if digital transformations are making application security (AppSec) “headless.”


Live From RSAC: AppSec's Future and the Rise of the Chief Product Security Officer

Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec’s future and the need for a new Chief Product Security Officer (CPSO) role. Wysopal started by quoting entrepreneur Marc Andreessen saying, “Software is eating the world,” to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators … software is everywhere.


Top 5 Cybersecurity Threats and Vulnerabilities in 2021

As the pandemic starts to fade, it can be easy to fall into a false sense of security. While there’s finally an end to COVID-19 in sight, the cybersecurity pandemic rages on. 2020 was a record year for cybercrime, and the same threats will plague 2021. Amid the disruptions of 2020, many businesses embraced remote work, cloud services, and IoT technologies. These changes, in turn, led to a shifting cybersecurity landscape as cybercriminals adapted and new threats emerged.

What does a penetration testing report look like? Why are reports so important?

The importance of pen test reports on the customer side can't be overstated, more so because the report forms the basis for risk remediation activity, which is a much bigger job than the pen test itself. Therefore, it is very important that pen test reports reflect the output of testing while addressing different audiences (business and technical). What should a penetration test tell you? What is a pentest report? What should you expect from a penetration test report?

Testing for PHP Composer security vulnerabilities with Snyk

PHP is used extensively to power websites. From blogging to ecommerce, it’s embedded in our everyday lives and powers much of the internet we use today. According to a Wappalyzer report on top programming languages of 2020, PHP has a 79% market share of backend languages used on the internet today. One of the biggest challenges with PHP libraries over the years has been package management. There have been a few ways to easily install and maintain libraries including PECL, CPAN.

Data Security & Governance for the Way You Work Today

The old cybersecurity stack is being pushed to the brink and no longer meets the needs of modern distributed workforces. It’s time for data security to adapt to the way we work today by putting data at the center of the security strategy. Learn how Egnyte is reimagining data governance and cloud security by delivering centralized visibility and control over your most sensitive content, wherever it’s accessed.

Why Google's new privacy labels are important

When Apple released their privacy nutrition labels, it was seen as a key turning point in platform-level privacy. Even so, while Apple holds control of mobile device profits and industry mind share, they do not account for the majority of mobile devices globally, especially in developing countries. The iPhone is expensive, and therefore any of its privacy protections become a benefit only to those that can afford their devices.


Could you be a threat hunter?

Threat hunting can seem like an intimidating discipline to many. Something that is shrouded in mystery and the preserve of highly experienced and trained cyber specialists in companies with huge resources. Operating a world-class 24/7 threat hunting team like the experts in CrowdStrike’s Falcon OverWatch is far from simple and in reality many companies never even try. We want to encourage people who are new to threat hunting to give it a go and make it easy to get started.


Safeguard Digital Journeys with Robust ID Verification

Even as COVID-19 slammed the brakes on in-person interactions across the globe, it simultaneously accelerated the virtualization of working models. Everything that was online was accessible; anything that was not lagged behind. In response, companies have raced to support and retain their customers by providing digital capabilities and online experiences at a speed that was previously unimaginable. As the digital economy amplifies on a global level, seamless online transactions are penetrating communities all over the world. But with this comes a growing threat of fraud too.

Healthcare cybersecurity: Our 6-step plan to secure healthcare data

The HIPAA Journal reported that “2020 was the worst ever year for healthcare industry data breaches.” In the US alone, there were 642 reported data breaches in which the number of records stolen exceeded 500, and in total, nearly 29.3 million healthcare records were exposed.


DevSecOps' Security Ownership Problem

Who’s responsible for security? Milton Friedman once said “When everybody owns something, nobody owns it, and nobody has a direct interest in maintaining or improving its condition.” While that quote was about physical buildings 40 years ago, it’s still relevant to how we build software today. The technology required to shift security left exists but the organizational shifts are lagging behind.


Raccoon Stealer

First observed in 2019 and advertised (Figure 1) as a 'Malware-as-a-Service' (MaaS) threat on various cybercriminal forums, Raccoon is an information stealer targeting victim credentials and cryptocurrency wallets. Seemingly favored by some threat actors due to its simplicity, the malware element of Raccoon omits advanced features, such as those used to evade detection, and instead focuses on the 'stealer' task in hand.


Problematic JavaScript Vulnerabilities And Their Fixes Every Developer Should Know

A web developer’s ultimate goal is to not only develop a website or an app that is aesthetically and functionally stunning but highly secure as well. Cybersecurity is inevitable and no end-user would want to have an app that could breach or compromise their data security and integrity (no matter how useful the app is). With hackers and middlemen working on creative ways to explore vulnerabilities, it is on developers like us to take charge and be a step ahead of them.


Stalkerware: What is being done to protect victims as the number of cases rises

People are increasingly becoming aware of the threats posed by hackers who infiltrate devices using viruses, spyware and malware. However, it may be time to shine the spotlight on “stalkerware”, a completely different type of cyber security threat that nevertheless has lasting negative repercussions. In this article, we will talk about this malicious software, which allows a remote user to surveil all activities on another user’s device.


A Real-World Look at AWS Best Practices: IAM Policies

Best practices for securing an AWS environment have been well documented and generally accepted, such as AWS’s own guidance. However, organizations may still find it challenging to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that includes security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.


Loyalty program abuse: How malicious bots target hotels

Hotels across the globe have been subject to massive data breaches and widespread loyalty fraud over recent years. Competitive bookings have become a prime target for cybercriminals who take advantage of look-to-book ratios and the vast amounts of data held by hotel chains to execute loyalty program abuse. But as severe travel restrictions came into play and bookings ground to a halt, hotels became almost redundant for 12 months of the pandemic.


Overview: Custom Questionnaire Builder by UpGuard

Digital transformation is creating unpredictable mutations across the attack surface. As a result, some third-party risks have outgrown the discovery mechanisms offered by the hundreds of standard security frameworks currently available. To cater to these growing use cases, UpGuard has introduced custom questionnaires to its industry-leading third-party risk management platform. Custom questionnaires are vendor security questionnaires that you can design yourself.


Artificial Intelligence: The Key to Self-Driving Identity Governance

When it comes to identity governance, the future is here. Hyper-automation and self-driving governance promise to make as dramatic an impact as that of agile development. The result? Faster regulatory compliance, lower costs, and substantially reduced risk.

Product Spotlight & Roadmap | UpGuard Summit May 2021

Hear from Chief Product Officer, Dan Bradbury, about UpGuard's latest features from this quarter, as well as the exciting releases coming soon. UpGuard is a complete third-party risk and attack surface management platform, managing cyber risk across attack surfaces and third-party vendors by proactively identifying security exposures.

The Netskope Online Community

Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

IT Network Attacks Can Impact Your OT Networks, Too

On May 8th, I was at a gas station filling up my car before a trip I was taking when the news about a cyberattack against a large pipeline company broke. The attack led them to halt all operations. Ultimately, the incident stemmed from a ransomware infection in which a well-known threat actor took volumes of corporate data in just two hours and made their demands including the threat to block and encrypt the company’s network. They even threatened to release the data to the internet.


GDPR - Individual Rights

As more businesses collect and share customer personal data for their digital economy, it has significantly influenced data privacy in today’s digital age. Data is the most critical asset to both businesses and customers/users. Businesses must ensure the confidentiality and integrity of users’ data and impose strict control over personal data collection and processing.

Trend Micro & Snyk - Better together

This Trend Micro and Snyk talk gives an overview of what open source is, including the growth, power and potential risk involved in using it to build and deploy cloud native applications. With visibility into open source vulnerabilities and license issues, sec ops professionals for the first time have visibility into potential vulnerabilities in open source components. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Little Code, Big Impact: Easily Scale your Security Automation with Splunk SOAR

The great Ricky Bobby from Talladega Nights once said, “If you ain’t first, you’re last.” Whether we’re talking about a NASCAR race or responding to a security alert, being able to quickly discover attacks and adversaries and respond rapidly is critically important to reducing risks and managing threats to your organization. How do we suggest you do that? With a SOAR (Security Orchestration Automation & Response) tool.


Adoption and acceptance of Digital Identity

While the world is still more familiar with physical IDs (which may then be linked to online government records), they continue to be inadequate today, as they can be easily manipulated or purchased illegally. Identity, still on a piece of paper? This needs another thought in a world where hard copies are going obsolete. Hence, governments of different countries have taken up new projects to build a 100% secure and digitized identity by levelling up their existing systems.


What is data loss prevention?

DLP security strategies and benefits explained. The threat landscape is a constantly evolving challenge for enterprise security professionals: the number of cyberattacks is continuing to rise, data exfiltration is now included in 70% of ransomware attacks, and insiders are responsible for 30% of all data breaches. As a result, enterprises are constantly looking for ways to reduce the risk of sensitive data being leaked outside the company.


Introducing Rapid Integration Connector: A New Solution for AppSec Tools

Anyone working to stand up or build out a robust AppSec program understands the ongoing need for security scanning tool integrations. Practitioners rely on a “garden shed” of AppSec tools, including open source and leading commercial ones, to support their security efforts.


Detectify Research Team releases Ugly Duckling, a web scanner for hackers

STOCKHOLM, SWEDEN – the Detectify Security Research team announced the general availability of Ugly Duckling, a stand-alone application security tool specifically tailored for ethical hackers to make it easier for them to share their latest findings. This new open-source scanner was developed with the Detectify Crowdsource community hackers in mind, and it is available for any security enthusiasts to tinker with as well.


7 Best Practices to Prevent Intellectual Property Theft

Original ideas, developments, and trade secrets help businesses increase their value and stand out among competitors. But as market competition grows, the risks of intellectual property (IP) theft and leaks also grow. Establishing basic security policies and procedures to protect sensitive data is crucial if you want to continue to benefit from your intellectual property.


How to remove friction in DevOps with Intelligent Orchestration partner integrations

Synopsys’s world-class application security products, services, and the recently released Intelligent Orchestration can help you build secure, high-quality, resilient software faster. But no single vendor can provide solutions for all the challenges a company faces today. Firms need partners to solve the myriad business challenges they face. Synopsys Technology Alliance Partner program partners with the technology industry’s leading organizations to create joint customer value.


Reciprocity and ZenGRC Win Four Cyber Defense Magazine InfoSec Awards

SAN FRANCISCO – May 18, 2021 – Reciprocity, a leader in information security risk and compliance with its ZenGRC platform, today announced ZenGRC has been awarded four coveted Cyber Defense Magazine (CDM) InfoSec Awards: Most Innovative in IT Vendor Risk Management, Cutting Edge in Risk Management, Most Innovative in Third Party Risk Management, and Publisher’s Choice in Compliance.


Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings

Responding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on AWS storage “buckets” has been behind numerous high profile data breaches, including Verizon, The Pentagon, Uber and FedEx.


A Closer Look at the Software Supply Chain Requirements in the Cybersecurity Executive Order

Software security is a big focus of the Biden administration’s recent executive order on cybersecurity. In fact, an entire section, or 25 percent, of the order is dedicated to software security requirements. In the wake of the SolarWinds cyberattack, the security of the software supply chain is clearly top of mind at the White House, and has prompted these unprecedented and detailed security requirements for any software vendor looking to do business with the federal government.


Google's Office of the CISO Points the Way Towards Scaling Security

Amazon’s, Google’s and Microsoft’s experiences with building massive infrastructures for the world allows for some fascinating insights into the future of IT security at scale. As a result, when Google published The CISO’s Guide to Cloud Security Transformation earlier this year, I was curious about what priorities they saw in cloud security. It’s a short read, and it’s well worth the time invested in downloading a copy.


Styra raises Series B to Drive Cloud-native AuthZ

In November 2019, just after Styra raised $14 million in our Series A funding round, I wrote that the market’s move away from monolithic apps and adoption of containerized cloud-native application architectures was going to provide “a substantial market opportunity for policy and authorization to evolve.” A lot has happened since I wrote that, and I’m happy to report that while our Series A round showed the market opportunity, our latest round of funding proves the validity of t


Exploring intent-based Android security vulnerabilities on Google Play

Our phones know a lot about us, so it’s important we can trust them. After discovering and then publishing our findings on SourMint — the malicious iOS ad SDK — the Snyk Security Team decided to dig deeper in the Android ecosystem. To do so, we leveraged Snyk Code to analyze and search for vulnerabilities in applications uploaded to the Google Play store.


3 Steps Construction and Engineering Companies Should Take to Prevent Ransomware (and one to help you recover from an attack)

In our recent infographic we reported that almost 1 in 6 construction companies reported a ransomware attack in the past year, so, yes, ransomware is a serious problem for construction companies. The question then becomes: why are construction and engineering companies being targeted with such frequency? There are two reasons; the first is a distributed workforce.


Facebook loses its fight to transfer EU data to the US.

The Irish High Court, Ireland's data privacy watchdog, has won a legal fight over Facebook's data flows between the EU and the US. When the EU-US Privacy Shield was ruled insufficient in protecting the privacy of EU data subjects last year, many companies were left waiting in an uncomfortable state of limbo. Any organization moving data about EU residents from the EU to the US has been in the dark on whether they were still in compliance.


Threat Intelligence, Integration and Automation in a Modern SOC

As organizations continue to evolve their security operations maturity and the SOC increasingly focuses on detection and response, three capabilities are foundational for success – threat intelligence, integration and automation. In a recent webinar, “Evolution of CTI – Use Case in a Modern SOC,” ThreatQuotient’s Yann Le Borgne, together with Ben van Ditmars of Atos and Martin Ohl from McAfee tackle this topic.


ProblemChild: Detecting living-off-the-land attacks using the Elastic Stack

When it comes to malware attacks, one of the more common techniques is “living off the land” (LOtL). Utilizing standard tools or features that already exist in the target environment allows these attacks to blend into the environment and avoid detection. While these techniques can appear normal in isolation, they start looking suspicious when observed in the parent-child context. This is where the ProblemChild framework can help.

How to Stop Insider Data Theft And Protect Privileged Access Management (PAM) Using SIEM?

In this video, we will demonstrate how LogSentinel SIEM is the perfect solution for monitoring and identifying when a privileged user attempts to modify data which would impact the trustworthiness of the information. LogSentinel's #SIEM software will alert you in real-time for any changes made by privileged users.

3 actions to take based on the Colonial Pipeline ransomware attack

Ransomware has been a thorn in the side of cybersecurity teams for the past several years. As other security threats have come and gone, this insidious threat has been a constant challenge for every organization. This past year has proven to be especially profitable for ransomware operators, as major organizations like United Health Services, Orange and Acer have fallen victim to these attacks.


Teaching kids internet safety tips for Zoom parties

The internet has changed over the years. Kids today are less interested in random chat rooms, and more inclined to connect with their friends via social media. Most recently, Zoom parties have become the norm for kids, especially due to the COVID-19 pandemic. On paper, Zoom parties can be great ways for kids to stay connected. They can chat with their friends, and even meet people from different parts of the country – or the world!


Detectify Security Updates May 17

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed, within 25 minutes from hacker to scanner. Due to confidentiality agreements, we cannot publicize all security update releases here, but they are immediately added to our scanner and available to all users.


What's new in the 2021 'Open Source Security and Risk Analysis' report

As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report. Open source libraries are the foundation for every application in every industry. But paralleling the popularity of open source is a growth in risk—specifically around open source licensing, security, code quality, and especially open source sustainability.


SOAR Tools: What To Look For When Investing In Security Automation Tech

Organizations may use security orchestration, automation and response (SOAR) to streamline security operations in three main areas: threat and vulnerability detection, incident response, and security-operations automation. Teams may use automation to increase efficiencies and maintain control of IT security functions from a single platform. SOAR solutions also allow for process execution, performance gap analysis, and machine learning to aid analysts in intelligently accelerating operations.


Malware Blindness in the Enterprise: How to Counter It?

These days many enterprises encounter suspicious links and websites that are ready to steal their data. This isn't very surprising, as cyber crimes have increased tremendously in the last few years. Last year, Zscaler’s platform detected and blocked 2.7 million encrypted phishing attacks per month. It also found that 32 percent of newly-registered, potentially malicious domains were using SSL certificates.


Ghosts in the Machine - OT and IT Convergence

There is a saying in cybersecurity that “Data is the new oil.” If that is true, then that oil is powering not only the economy but also industry. The term ‘Industry 4.0’ refers to the fourth industrial revolution where traditional manufacturing and industrial processes are increasingly using IT and data to the point that we’re now seeing the emergence of ‘smart factories.’


Cybersecurity Training: Raising Awareness And Securing Your Business

Organizations are increasingly faced with threats from sophisticated criminal organizations and nation-state actors. To mitigate the risks posed by cyber criminals, organizations must secure and protect their proprietary and sensitive information. They must also commit to training their employees to do their part to protect proprietary and sensitive information.


What the White House's Cybersecurity Executive Order Gets Right-And What We'd Like To See More Of

Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk.


Misconfigurations, known unpatched vulnerabilities, and Cloud Native Application Security

Two weeks back, we published our annual State of Cloud Native Application Security report. If you haven’t seen it yet, here’s a TL;DR. We surveyed nearly 600 developers and security professionals to see how the shift to cloud native (digital transformation) has changed their security posture. Then we parsed the results, gleaned valuable insights, and put them in an interactive webpage.


DarkSide Ransomware: Splunk Threat Update and Detections

The ransomware campaign against the Colonial Pipeline highlights the dangers and real-life consequences of cyberattacks. If you want to understand how to use Splunk to find activity related to the DarkSide Ransomware, we highly recommend you first read “The DarkSide of the Ransomware Pipeline” from Splunk’s Security Strategist team. In short, according to the FBI, the actors behind this campaign are part of the “DarkSide” group.


Mind the GAAP: A Lens for Understanding the Importance of the CIS Controls

Given that attacks are only increasing and companies need greater efficacy in how they protect themselves, consider how the financial industry has created, and relies on, a body of standards to address issues in financial accounting, as a defined comparison for information security. To support this argument, there is a defined contrast between information security and Generally Accepted Accounting Principles. We’ll explore this relationship in more detail below.


A guide to insider threats in cyber security

With so many different cyber threats targeting businesses like yours, it isn’t always easy to know which to prioritise. The mistake that many organisations make is to focus purely on threats originating from outside. However, with the number and severity of breaches caused by insider attacks continuing to rise, this can often be a very costly oversight.


Defending the client-side attack surface

It is strange to think that not that long ago the Internet was a very different place. A place filled with static text content, marked up in HTML, and served up alongside a few included image files; mostly consumed by a small population of persons with specific interests. Today’s Internet consumer demands a vibrant and responsive user experience customized to their individual interests. A localized cornucopia of options from around the globe, available on demand.


What is FedRAMP?

The Federal Risk and Authorization Management Program, or FedRAMP, is a federal government program to provide a standardized approach for security assessment, authorization, and continuous monitoring for cloud services and cloud products offered by cloud service providers (CSPs). FedRAMP creates a single risk-based standard so government agencies can engage with cloud-based providers more easily.


The impact of bad bots on digital publishing platforms

Online digital publishing platforms have thrived in the new media age. The ability to publish an article detailing news from around the world, within minutes of it happening, has allowed publishers to give their customers exciting and up-to-date content 24 hours a day, 7 days a week. However, like many other online platforms, publishers are often the victim of cyber-threats. Specifically, malicious bots programmed to perform a variety of attacks such as scraping, content theft and ad fraud.


What is Threat Modelling? 10 Threat Identity Methods Explained

Threat modelling is a process for identifying potential threats to an organization's network security and all the vulnerabilities that could be exploited by those threats. Most security protocols are reactive - threats are isolated and patched after they've been injected into a system. Threat modelling, on the other hand, is a proactive approach to cybersecurity, whereby potential threats are identified and anticipated.

Outpost24 Webinar - Is zero trust redefining network security assessment

As zero trust moves higher up on the CISO’s security agenda, we’re hosting a webinar to discuss the pros and cons of adopting this new approach and how it can impact your team’s ability to remain agile whilst protecting your business. As a recent study demonstrates, 34% of security breaches involved insiders in 2019, meaning CISOs are becoming more likely to consider zero trust, and it should come as no surprise that many organizations are now eager to adopt a zero-trust security policy.

Why SMEs should Care About Cyber Security

It was a turbulent time for business across the globe in 2020 and, whilst the situation is improving in 2021, there are still obstacles to overcome. Not least of all is the ever-present issue of cyber security: an average of 57% of SMEs admit to a breach in 2020, and 86% of organisations expect attacks to increase going forward. As businesses focus on recovering revenue streams and driving growth, investing in cyber security is often overlooked.


What is AppSec? The Challenges and Rewards

The definition of application security (AppSec) is found in the name itself. It consists of the process and tools used for securing the application software that computers, end-users, consumers and organizations rely on to operate various programs. Think media players, word processors and more complex B2B applications like those delivered by SaaS-based technology companies. And security includes the measures taken to protect this software, often with the use of different security scanning tools.


New Executive Order Seeks to Strengthen Security of Federal Government Networks

The Biden Administration published a new executive order (EO) to strengthen the digital security of U.S. federal government networks. Published on May 12 by The White House, the executive order covered much of what many media outlets reported would appear in the draft. This included the issue of supply chain security. For example, the EO stated that the U.S. federal government will begin requiring developers to make security data about their tools publicly available. It also said that the U.S.


Meeting the Security Needs of Modern Developers

Technological innovation doesn’t slow down when it comes to software, but neither do cyberattacks. The rapid pace of modern programming brings the need for agility and security that can scale and improve to meet business needs. Organizations that want to keep up with innovation while staying secure need more than just capable tools in their tech stacks; having the right people in the right seats to champion your security efforts throughout the development process is also key.


2021 Verizon Data Breach Investigations Report Proves That Cybercrime Continued to Thrive During the Pandemic

Verizon recently published its 2021 Data Breach Investigations Report (DBIR). This year, Verizon analyzed 79,635 incidents, of which 29,207 met their quality standards and 5,258 were confirmed data breaches, from 88 countries around the world. Despite the global pandemic, the DBIR uncovered that cybercrime continued to thrive. Like previous years, the majority of breaches were financially motivated, and most were caused by external actors illegally accessing data.


What are the security risks of the cloud computing?

The technological change of the 21st century has seen rapid innovation and the fastest adoption of cloud computing. It is now considered the most ingenious solution that removes the idea of having a data centre by helping businesses meet their needs virtually in the most cost-effective, efficient, and productive way.

Sponsored Post

Top Events You Should Always Audit & Monitor

Anybody who’s looked for answers on the Internet has likely stumbled across a “TOP X LIST”: the “10 things famous people do every day”, “Top 10 stocks to buy”, and the “20 books you have to read” are just some examples of the myriad of lists that are out there offering answers. You may have even stumbled upon a few “Top 10 (or 12) Events To Monitor” articles too.


Colonial Pipeline Incident

In yet another high-impact and high-profile ransomware incident, the 'big game hunter' ransomware group 'DarkSide' accepted responsibility for an attack against the US-based Colonial Pipeline Company, an organization providing fuel pipeline services across multiple states (Figure 1) that transport a reported 100 million US gallons of fuel daily including direct service to airports.


Sitdown with a SOC Star: 11 Questions With Siobhan Kelleher of Boston College

From salesperson to security analyst, Siobhan Kelleher, who works at Boston College, a private university in Chestnut Hill, Mass., is emblematic of the many people who have traversed non-traditional career paths to arrive in the cybersecurity profession. She is also validation of how much promise awaits the industry when its skills gap becomes narrowed with creative and passionate practitioners. Please enjoy Kelleher’s story of growth, development and confidence building.


Cybersecurity Executive Order requires new software security standards

President Biden’s Cybersecurity Executive Order requires new software security standards and best practices. Learn what you can do to prepare now.
By: Tim Mackey, Principal Security Strategist, Synopsys Cybersecurity Research Center (CyRC) and Adam Isles, Principal, The Chertoff Group
On Wednesday, May 12, President Biden signed an extensive Executive Order (E.O.) on Improving the Nation’s Cybersecurity. The E.O.


Ofwat reveals it has received 20,000 spam and phishing emails so far this year

Ofwat, the water services regulator for England and Wales, has revealed that it has received over 20,000 spam and phishing emails so far this year. The Water Services Regulation Authority (better known as Ofwat) which is the government department responsible for regulating the privatised water and sewage industry in England and Wales, said it had received 21,486 malicious emails so far this year – with 5,149 classified as phishing attacks.


Gig Workers are the Most Dangerous Insider Threat We Aren't Talking About

The term “gig economy” refers to the increasingly common use of skilled freelance or otherwise independent workers on a short-term basis—often one project at a time. The availability of these sorts of gig workers has brought massive change to global work culture over the last few years.

Outpost24 webinar - Full Stack Vulnerability Management with 360 Trust Services

Join Outpost24 and 360 Trust Services experts to learn how you can tackle the growing cybersecurity threats, and secure your high availability operations and satisfied customers. Save your spot for a comprehensive webinar, as we will be presenting the latest security products and services offerings, based on 20 years’ experience and accumulated expertise in cybersecurity, from vulnerability management, risk prioritization to driving a remediation culture.

New Cybersecurity Executive Order: What You Need to Know

Last night, the Biden administration released an executive order on cybersecurity that includes new security requirements for software vendors selling software to the U.S. government. These requirements include security testing in the development process and a bill of materials for the open source libraries in use, so known vulnerabilities are disclosed and able to be tracked in the future. Without following these standards, companies will not be able to sell software to the federal government.


Reducing Enterprise AppSec Risks: Ponemon Report Key Takeaways

Ponemon Institute’s Reducing Enterprise Application Security Risks: More Work Needs to Be Done looks at the reasons why many enterprises consider the application layer to be the highest security risk. Ponemon Institute, in partnership with WhiteSource, surveyed 634 IT and IT security practitioners about their enterprises’ approach to securing applications.


What is DevSecOps? Everything You Need to Know on the What, Why & When

The most basic definition of DevSecOps is found in the abbreviation itself. As a combination of development, security and operations, the term DevSecOps is about ensuring these three functions are fully and continually integrated through the software development life cycle (SDLC). It enables the development of secure applications by automating security at every phase of the SDLC—from the initial design phase through integration, testing, deployment and delivery.


Security Operations, the Devo Next-Gen SIEM, Is Now Chock Full of Content

Devo has some big news for our customers, partners and prospects. We are pleased to announce the latest release of Devo Security Operations, which enables you to achieve full visibility without compromise, leverage real-time detections and enriched investigations, and maximize analyst productivity.


What is Open Policy Agent?

Open Policy Agent, or OPA, is an open source, general purpose policy engine. OPA decouples policy decisions from other responsibilities of an application, like those commonly referred to as business logic. OPA works equally well making decisions for Kubernetes, Microservices, functional application authorization and more, thanks to its single unified policy language. So what’s a policy engine? And what’s policy? A policy can be thought of as a set of rules.


Prevent cloud misconfigurations in HashiCorp Terraform with Snyk IaC

We’re delighted to share new features of Snyk Infrastructure as Code (Snyk IaC) designed to support how Terraform users write, plan, and apply their configurations. With Snyk IaC, you can get immediate guidance on security configurations as you write, and scan your Terraform plans in your deployment pipelines to ensure your changes and complete configuration are safe.


Scaling for DevSecOps with the Norwegian Labour and Welfare Administration

Application development has changed, and development teams have begun supporting a model of rapid and frequent deployments to support the pace of innovation demanded by digital transformation. From an application security perspective, this means scaling through DevSecOps and supporting developer-first security. The unique challenges and solutions for shifting to DevSecOps were the subject of a recent roundtable discussion featuring Aner Mazur, Chief Product Officer at Snyk and Christer Edvartsen, Sr.


Elastic and Swimlane partner to deliver an extensible framework for the modern SOC

Today I’m happy to share more about our partnership with Swimlane, which further reinforces our commitment to empowering security teams everywhere. Today’s security teams rely on the power of Elastic’s high-speed, cloud-scale analytics to solve their most complex and pressing security issues. Swimlane’s security automation platform provides a way for these same teams to accelerate and optimize their workflows for max efficiency and to solve SOAR use cases.


Leading SaaS innovation with collaboration and security transparency

Detectify security experts are speaking with security managers and operational defenders daily. There’s a clear division on how a modern and mature organization will approach security compared to the compliance-first organizations that are playing whack-a-mole to lock down the perimeter. Security transparency is one of the differentiators.


Public Wi-Fi Tips

Home and public wi-fi hot spots are firmly a part of everyday life, more so since COVID, where many work from home, as well as in those public spaces set up to help relieve the monotony of being stuck at home. Whether you are at home or in a public space, establishing some good habits to ensure the security of the data you throw over the Internet is worth focusing on.


The Rise of Self-Driving Identity Governance

Security and risk professionals agree that we are living in exciting and challenging times. Digital transformation is no longer a distant dream. Organizations are moving at a breakneck pace to replace manual processes, increase automation, and harness vast amounts of data in order to improve efficiencies.


What Is NIST SP 1800-27: Securing Property Management Systems?

In 2019, the hospitality industry suffered 13 percent of all data breaches, ranking third highest among targeted industries. It was two years later when NIST released SP 1800-27: Securing Property Management Systems to help hoteliers secure their Property Management Systems (PMS) and associated patron data.


Survey: Only 39% of Orgs Have Ability to Retain Cyber Security Talent

The cyber security skills gap was a problem prior to the pandemic. In a survey of 342 security professionals released in early 2020, Tripwire found that 83% of security experts felt more overworked going into the new year compared to how they felt at the start of 2019. Tripwire asked respondents to elaborate on that sentiment.

Patch management: How updates, patches & bugs affect your business

What is patch management? Patch management is the process of tracking security bugs and applying the updates (code changes) that fix them to existing applications, software, or programs on computers and other technologies, improving the functionality and security of already released programs installed on those systems.

Recent Pipeline Attack Highlights Our Vulnerable Infrastructure

On Thursday, May 6, Colonial Pipeline, which operates a pipeline that delivers gasoline and jet fuel to nearly 45 percent of the U.S. East Coast, fell victim to a ransomware attack. The attack took over 100 gigabytes of data hostage, causing the company to halt all pipeline operations and shut down several of its systems. The attackers, identified as a criminal gang known as DarkSide, threatened to leak proprietary information unless a ransom is paid.


Safeguard Against Account Takeovers with Endpoint-to-cloud Security

Not long ago, amid the Microsoft Exchange Server attacks, Lookout Chief Strategy Officer Aaron Cockerill wrote about why cloud apps are more secure than their on-premise counterparts. That’s a really important lesson and an initial step towards securing your organization. Here’s part two of that narrative: you also need dedicated security to ensure that your cloud infrastructure and apps are secure.

Access Control #3: State of Startup Application Security

In this third episode of Access Control, a podcast providing practical security advice for startups, Ben Arent chats with Luca Carettoni, co-founder of Doyensec. Doyensec is an independent security research and development company focused on vulnerability discovery and remediation. The Teleport team has been working with Doyensec for the last two years and have worked together on security assessment for Teleport. In this episode, we’ll get a pentester's view on the current state of startup security.

Joining forces with FossID to extend developer-first security to C/C++ applications

I’m excited to announce the acquisition of FossID, extending Snyk’s developer-first security capabilities with deeper C/C++ support and enhanced license compliance! Snyk’s vision has always been to empower developers to secure their applications, enabling the speed and scale required by technology-driven companies.


What Is Threat Intelligence?

It's one thing to detect a cyber attack. It's another to know what the attackers are trying to do, which tactics they are using, and what their next move is likely to be. Without that additional information, it's difficult to defend effectively against an attack. You can't reliably stop an attack if you are unable to put yourself in the mindset of the attackers. This is why threat intelligence plays a critical role in modern cybersecurity operations.


Open source license compliance and dependencies: Peeling back the licensing layers

How can you successfully navigate open source license compliance? Start with the right tools to identify your dependencies and calculate their risks. What if you have an open source software package licensed under a permissive license like the Apache or MIT license, but inside that package are dependencies licensed under a restrictive license like the General Public License (GPL)? What are some best practices to follow?


Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey.


What are the top misconceptions about machine learning?

Many businesses are now talking about artificial intelligence (AI), and specifically machine learning, as a way to solve data problems more effectively. In theory, this sounds easy. What could be better than using AI to get a computer to learn how to solve a problem over time, without manual intervention? The reality is very different, however.


Netskope Threat Coverage: DarkSide

DarkSide is a ransomware-as-a-service platform that made headlines on May 8, 2021, for targeting Colonial Pipeline, resulting in a shutdown of their pipeline operations. The DarkSide ransomware platform first appeared in August 2020, advertising that they would not target organizations in the education, government, medical, or non-profit sectors.


You Can Now Simplify Business Decisions with DevSecOps Analytics and Reporting

Across all industries, organizations looking to succeed today must address the integrity of their software. Developing and deploying quality applications is now a foundational business effort, one that sits at the center of a growing global economy. Excellent, safe software not only drives higher productivity, but it also offers major economic benefits to the enterprise by lowering the total cost of ownership and ensuring a safe product experience.


Teleport Cloud in 2021: Security Audit Results

This year we launched Teleport Cloud, a new service for providing a hosted version of Teleport Access Plane. One of the first problems the team had to tackle was how to secure the new infrastructure properly, and the team wanted to ensure the best possible results by engaging in an independent audit. As with the Teleport core product, we engaged with Doyensec to provide an independent security audit of our production environment.


Top 5 Payment Fraud Types Banks and Merchants Should Be Aware of in 2021

Hallowe’en is still months away, but Frankenstein is out trick-or-treating even as you read this, and the operative word here is “trick”. Payment fraud criminals continue playing their games with financial institutions’ (FIs) customers and online merchants.


Snyk CNA adds flexibility in delivery with self-hosted version for AWS customers

There are several advantages to consuming software as a service (SaaS). For starters, it allows companies of any size to leverage enterprise-grade software (CRM, service desk, security, etc.) in a pay-as-you-go model, avoiding large up-front spending on licences that may end up as shelfware. SaaS also lets customers scale or change their usage with little to no advance notice, which makes them more agile in delivering products to market.


Snyk streamlines procurement with AWS Marketplace Solution Provider Private Offers (SPPO)

For years now, modern organizations have enjoyed a seamless procurement experience when purchasing software products through AWS Marketplace. AWS has made it possible for customers to purchase third-party software using their allocated AWS budget while still being able to negotiate custom pricing and legal terms directly with their favorite vendors.


Norwegian DPA issues GDPR non-compliance notice to Disqus

This year has already seen over 100 GDPR non-compliance decisions, mostly against regional companies, though a few have made larger news. The latest company facing a fine is Disqus, a commenting platform that companies embed in their sites or applications so that visitors can leave comments on individual articles or pages. Norway's data protection authority (Datatilsynet) has notified Disqus that it intends to issue a non-compliance fine of NOK 25,000,000 (about EUR 2,500,000).


Empower your Security Team to Master SANS' Top Skillsets: Investigative Tasks

We all know the security industry mantra: it’s not a matter of if, but when and how we’ll be attacked. Recent reports of intrusion activity increasing fourfold in the last two years and a raft of alerts warning of a rise in attacks on schools, hospitals and healthcare providers, and critical infrastructure companies during the global pandemic have only reinforced this.


A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)

Every career has defining moments. Most are spread out over years or even decades, but the cybersecurity world has had two career-defining moments just in the past year. It started with the global shutdown due to the COVID-19 pandemic. Overnight, many organizations were forced to support employees working remotely. CISOs, like me, were expected to keep both our company and its employees safe in a completely unpredictable world.


Detecting users crawling the MITRE ATT&CK stages in your AWS environment

As more companies migrate workloads to the public cloud, more security operations teams face the challenge of securing those environments. Although cloud providers make it easy to turn logging on, the mountains of data they produce are not always easy to digest. AWS CloudTrail is one example: it records API activity across an account, which is exactly what you want for forensics, but it means that simple single-event detections generate a great deal of noise. Correlating a principal's activity across several ATT&CK tactics within a short window is one way to separate an intrusion in progress from routine automation.
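The detection idea sketched above, as an added example that is not part of the original post: a principal touching several ATT&CK tactics within a short window is suspicious, while a chatty deployment role that only ever performs Discovery calls is not. The eventName-to-tactic table is an illustrative assumption for this example (not an official mapping), and the CloudTrail records are constructed to look like a trimmed CloudTrail log file, not real telemetry.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Assumed mapping from CloudTrail eventName to the ATT&CK tactic an actor is most
# likely pursuing when calling it. An illustrative subset, not an official mapping.
EVENT_TO_TACTIC = {
    "ConsoleLogin": "Initial Access",
    "GetCallerIdentity": "Discovery",
    "ListUsers": "Discovery",
    "ListBuckets": "Discovery",
    "DescribeInstances": "Discovery",
    "DescribeSecurityGroups": "Discovery",
    "CreateUser": "Persistence",
    "CreateAccessKey": "Persistence",
    "AttachUserPolicy": "Privilege Escalation",
    "PutUserPolicy": "Privilege Escalation",
    "StopLogging": "Defense Evasion",
    "DeleteTrail": "Defense Evasion",
    "ModifySnapshotAttribute": "Exfiltration",
}

_DEPLOY = "arn:aws:sts::111122223333:assumed-role/deploy-role/ci"
_ALICE = "arn:aws:iam::111122223333:user/alice"
_BOB = "arn:aws:iam::111122223333:user/bob"


def _record(event_time, event_name, source, arn):
    """Build a CloudTrail-shaped record with only the fields this detection uses."""
    return {"eventVersion": "1.08", "eventTime": event_time, "eventSource": source,
            "eventName": event_name, "awsRegion": "us-east-1",
            "userIdentity": {"type": "AssumedRole" if ":sts:" in arn else "IAMUser", "arn": arn}}


# Constructed sample in the shape of a CloudTrail log file ({"Records": [...]}).
SAMPLE_LOG = json.dumps({"Records": [
    # CI deployment role: chatty, but every call is Discovery, so it must not fire.
    _record("2021-05-10T09:00:00Z", "DescribeInstances", "ec2.amazonaws.com", _DEPLOY),
    _record("2021-05-10T09:01:00Z", "DescribeInstances", "ec2.amazonaws.com", _DEPLOY),
    _record("2021-05-10T09:02:00Z", "DescribeSecurityGroups", "ec2.amazonaws.com", _DEPLOY),
    _record("2021-05-10T09:05:00Z", "GetCallerIdentity", "sts.amazonaws.com", _DEPLOY),
    # alice: login, recon, new key, policy attach, trail disabled, all within 31 minutes.
    _record("2021-05-10T10:00:00Z", "ConsoleLogin", "signin.amazonaws.com", _ALICE),
    _record("2021-05-10T10:04:00Z", "ListUsers", "iam.amazonaws.com", _ALICE),
    _record("2021-05-10T10:09:00Z", "CreateAccessKey", "iam.amazonaws.com", _ALICE),
    _record("2021-05-10T10:15:00Z", "AttachUserPolicy", "iam.amazonaws.com", _ALICE),
    _record("2021-05-10T10:31:00Z", "StopLogging", "cloudtrail.amazonaws.com", _ALICE),
    # bob: the same kind of progression, but spread across a working day.
    _record("2021-05-10T08:00:00Z", "ListBuckets", "s3.amazonaws.com", _BOB),
    _record("2021-05-10T12:30:00Z", "CreateAccessKey", "iam.amazonaws.com", _BOB),
    _record("2021-05-10T17:00:00Z", "AttachUserPolicy", "iam.amazonaws.com", _BOB),
    # An event with no tactic mapping: skipped rather than counted.
    _record("2021-05-10T17:05:00Z", "GetBucketLocation", "s3.amazonaws.com", _BOB),
]})


def _parse_time(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _actor_of(record):
    ident = record.get("userIdentity", {})
    return ident.get("arn") or ident.get("principalId") or "unknown"


def detect(log_text, window_hours=1, min_tactics=3):
    """Return {actor: sorted tactics} for actors whose mapped events span at least
    min_tactics distinct ATT&CK tactics inside some window of window_hours."""
    window = timedelta(hours=window_hours)
    by_actor = defaultdict(list)
    for rec in json.loads(log_text)["Records"]:
        tactic = EVENT_TO_TACTIC.get(rec.get("eventName"))
        if tactic is None:
            continue  # unmapped events carry no signal for this detection
        by_actor[_actor_of(rec)].append((_parse_time(rec["eventTime"]), tactic))

    hits = {}
    for actor, events in by_actor.items():
        events.sort()
        best = set()
        # Slide a window starting at each event; keep the richest tactic set seen.
        for i, (start, _) in enumerate(events):
            seen = {tac for t, tac in events[i:] if t - start <= window}
            if len(seen) > len(best):
                best = seen
        if len(best) >= min_tactics:
            hits[actor] = sorted(best)
    return hits


if __name__ == "__main__":
    print(json.dumps(detect(SAMPLE_LOG), indent=2))
```

With the default one-hour window only alice fires; widening the window to a day also catches bob's slower progression, while the deployment role never fires however wide the window, because it never leaves the Discovery tactic. Tuning the window and the tactic threshold is where the noise trade-off lives.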


Digging into AWS Fargate runtime security approaches: Beyond ptrace and LD_PRELOAD

Fargate offers a great value proposition to AWS users: forget about virtual machines and just provision containers. Amazon takes care of the underlying hosts, so you can focus on writing software instead of maintaining and upgrading a fleet of Linux instances. Fargate brings many benefits to the table, including small maintenance overhead, a lower attack surface, and granular pricing. However, as with any cloud asset, leaving your AWS Fargate tasks unattended can lead to nasty surprises.


AppSec Decoded: Smarter DevSecOps with Intelligent Orchestration | Synopsys

In this episode of AppSec Decoded, Patrick Carey, director of product marketing, spoke with the Synopsys team responsible for bringing Intelligent Orchestration to market. Hear from Meera Rao, senior director of product management; Simon King, vice president of solutions; and Drew Kilbourne, managing director of North America security consulting, as they discuss how Intelligent Orchestration helps address the challenges DevSecOps teams face and how this innovation differs from other application security test orchestration solutions.


A Taste of SOAR Own Medicine: Inside Siemplify's New Network & Security Operations Center, A Nerve Center Powered by Its Own Product

When Siemplify revealed roughly a year ago that it was launching Siemplify Cloud, an industry-first, cloud-native version of its security orchestration, automation and response (SOAR) platform, the announcement was about more than a product. “We had to change all our mindsets as a company,” recalls Alon Cohen, Siemplify co-founder and CTO. “There are different processes between being a SaaS (software-as-a-service) company and an on-premises company.”


Article Six: The highest risk of GDPR fines

Data breaches are big news. They come with a major hit to the trust customers have with a business, and even parts of the world that don't have data privacy laws will often have some form of data breach law. It might be surprising though, for those focused on GDPR, that data breaches don't account for the greatest number, and greatest monetary value, of GDPR fines.