Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2022

ignyte Team

CMMC & FedRAMP: FIPS Certified vs. Compliant vs. Validated

The Federal Information Processing Standard (FIPS) 140-3 (2019) is “applicable to all federal agencies that use cryptographic-based security systems… and shall be used in designing and implementing cryptographic modules that federal departments and agencies operate or are operated for them under contract.” In other words, any organization that stores, processes, or transmits certain government information must do so in a way that conforms to the FIPS standard.

User Office Hours: Building secure application in VS Code with Snyk

Visual Studio Code (VS Code) is a code editor redefined and optimized for building and debugging modern web and cloud applications. The Snyk integration for VS Code can help you create secure applications from the beginning. Join us to learn more about Snyk VS Code capabilities. During this session, we’ll take a look at: Throughout the session you can ask us anything! Bring all of your Snyk questions and we’ll do our very best to answer them.
Zenity

Microsoft Power Pages: Low-code Misconfiguration Remains a Top Security Risk

Last week Dark Reading released an enterprise application security survey which raised serious concerns by IT and security teams Last week, Microsoft announced a new low-code application service called Power Pages, the fifth service joining the Power Platform. Whether you’re a low-code maker or professional developer, this low-code, scalable, and secure solution empowers you to build business-centric websites quickly and easily.

WatchGuard

WatchGuard Wins Big at the 2022 IT World Awards with Six Honors

We are proud to announce that for the seventh year in a row, WatchGuard has been recognized at the IT World Awards for 2022, securing six wins across multiple categories. This prestigious awards program honors information technology and cybersecurity vendors with advanced, ground-breaking products, solutions and services that are helping set the bar higher for others in all areas of IT and security.

netskope

Trust as an Attack Vector

Trust is one of the things that makes us human. We evolved the ability to trust in order to make life or death judgment calls and it is wired into our brains from birth. Unfortunately, since time immemorial, nefarious characters have always abused the trust of others to their own advantage, and in the modern world it is now one of the primary tools in a cybercriminal’s arsenal.

Forward Networks

Forward Networks 22.5 Release adds external sources to provide a powerful data aggregation layer for comprehensive testing and integration.

We just released our 22.5 Release to Forward Enterprise and boy what a surprise to have our NQE external data sources finally ready to show the world. Very simply, this allows you to pull in data from external HTTP sources (currently we support HTTP GET) and automagically model the data in our data model explorer and our integrated development environment. To enable this you simply need to add the resource endpoints for the HTTP API of the data you are interested in. i.e.

tripwire

Building a More Secure Cloud: 5 Strategies for 2022

Cloud adoption continues to soar. More than two-thirds of small to mid-sized businesses intend to increase their use of cloud technologies over the next few years. While the cloud comes with many security benefits, it also carries unique concerns. As the cloud becomes increasingly central to business operations, cloud security should be a priority. Businesses must ensure this security from the ground up, not add it in later as an afterthought.

How to Enable Two-Factor Authentication (2FA) in the CurrentWare Suite | CurrentWare v7.0.1 Tutorial

This video will teach you how to set up two-factor authentication (2FA) in CurrentWare version 7.0.1. Two-factor authentication provides an extra layer of security if anyone other than you attempts to log in to your CurrentWare web console using your account.

The 443 Security Simplified Podcast - Episode 197: Package Hijacking

This week on the podcast, we discuss the line between ethical security research and malicious activity thanks to a compromised open source software package. After that we cover the latest industry to fall victim to Ransomware and end by highlighting a 0-click vulnerability in Zoom’s message system discovered by Google Project Zero. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
LimaCharlie

May Developer Roll Up

In case you missed the news, LimaCharlie has raised 5.45 million dollars in an oversubscribed seed round led by Susa Ventures, with participation from Xerox Ventures, CoFound Partners, Long Journey Ventures, Sands Capital, StoneMill Ventures, as well as existing investor, Lytical Ventures. The money is going to be used to expand engineering and to build out our go-to-market strategy.

egnyte

May Product Rollup: UI Redesign, Compliance Controls, and More

This month, Egnyte is excited to introduce the start of a redesign to its UI, productivity improvements around shortcuts and the API, new offerings for Advanced Privacy & Compliance and CMMC, continued improvements in governance, and a whole host of new features around course management in the Quality Document Management module for Life Sciences.