Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2021

Ensure data security and compliance in Slack Connect with Nightfall

Slack as a product is constantly expanding with new functionality and integrations. Slack Connect is among the most popular new features Slack introduced in the past year and is growing in popularity because it’s an easy way to stay connected with people you work with outside your organization — in real time with all the features that Slack offers. ​​As new improvements or upgrades for Slack are released, data security and compliance should be a top concern for your teams.

Vulnerability Management: Process, Life Cycle, and Best Practices

Vulnerability management is a full-time occupation. This cybersecurity function is iterative and involves constant monitoring, documentation, and review. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall . Here’s how vulnerability management works, the ins and outs of the vulnerability management life cycle, and best practices to implement at your organization.

CISO Insider - S2E6 - Data is trust with Emilio Escobar

Datadog CISO Emilio Escobar joins Chris Martinez on CISO Insider for a discussion on data security approaches for today’s cloud-first world. Emilio shares how he sees infosec: creating security responses based on people and teams over brute force blocking of apps and systems. This approach allows Datadog to defeat the enemy of complexity in IT service quality, and helps build a more inclusive culture at the company. By seeing data as trust, Emilio can influence his teams to find better solutions to data security problems and learn from typical pain points. We get into all this and a lot more in the chat today.

5 Types of Social Engineering Attacks and How to Mitigate Them

Social engineering is a type of cyber attack that targets people to gain access to buildings, systems, or data. Social engineering attacks exploit human vulnerabilities to get inside a company’s IT system, for instance, and access its valuable information. Social engineering is one of the most common— and successful— forms of cyber attack. Social engineering attacks are constantly evolving, but they generally follow five main approaches.

7 Indicators of Compromise: The Essential List for Breach Detection

Indicators of compromise are the red flags of the information security world. These helpful warnings allow trained professionals to recognize when a system may be under attack or if the attack has already taken place, providing a way to respond to protect information from extraction. There are many indicators of compromise, depending on the type of threat.

How to Comply with Facebook's New Data Protection Assessment

Recently, Facebook announced a new initiative aimed at protecting how its users’ data is managed across its platforms: the Data Protection Assessment. The assessment consists of a questionnaire for apps that access advanced permissions and specifically focuses on how developers protect, share and use platform data.

Cloud Data Protection: What You Need to Know

It’s no surprise that cloud adoption continues to be a major force impacting organizations today. A 2020 McKinsey survey indicated that many organizations saw several years worth of digital transformation take place in 2020. An IDG survey, which we referenced in our Securing Best of Breed SaaS Applications webinar, suggested that 95% of organizations expect to be partly or fully in the cloud by the end of 2021, with almost half the applications used by their workforce being SaaS or open source.

CISO Insider - S2E5 - A Community of cybersecurity with Michelle Valdez

One Main Financial CISO Michelle Valdez joins CISO Insider to discuss how to build a community of cybersecurity. Her approach is all about resiliency and reducing human risk to minimize the impact of security incidents. We talk about how she built this approach from her long career that began in the Air Force and now includes her work in fintech in the private sector.

Developing Secure Web Applications: 6 Best Practices

When businesses think about maintaining cybersecurity, the first thing that comes to mind is often endpoint and network security. However, web application security is becoming increasingly important. There have been numerous high-profile attacks on web applications in recent years; in 2020, for instance, the Twitter accounts of famous people were compromised as part of a bitcoin scam.