If you are using Microsoft 365 (M365) or SharePoint and need to comply with or learn more about US export control requirements, read our 6 W’s of ITAR and EAR Compliance to help you comply with these strict U.S. regulations.

When we started to build Bearer, we wanted to understand how to validate the quality of our findings and be able to benchmark it. Code security scanning solutions are notorious for reporting a lot of false positives and other deficiencies, and even though we believed we could do much better, we needed a way to prove it. In Java, there is an OWASP project, BenchmarkJava, which makes it easy to compare the output of two software security solutions.

The most famous data breaches–the ones that keep security practitioners up at night–involved the leak of millions of user records. Companies have lost names, addresses, email addresses, Social Security numbers, passwords, and a wealth of other sensitive information. Protecting this data is the highest priority of most security teams, yet many teams still struggle to actually detect these leaks.

In today's data-driven world, businesses must navigate the complexities of data management while ensuring compliance with an ever-growing array of laws and regulations. Two concepts that often arise in this context are data sovereignty vs data residency. While related, these terms refer to distinct aspects of data management. Understanding their differences is crucial for businesses to make informed decisions on where to store their data and how to remain compliant with data protection regulations.

While Gen AI tools are useful conduits for creativity, security teams know that they’re not without risk. At worst, employees will leak sensitive company data in prompts to chatbots like ChatGPT. At best, attack surfaces will expand, requiring more security resources in a time when businesses are already looking to consolidate. How are security teams planning to tackle the daunting workload? According to a recent Morgan Stanley report, top CIOs and CISOs are also turning to AI.

A strong misconception abounds that managed providers are impervious to data loss. The truth, however, is that accidents can happen at any time, to any business. Finding a provider that takes data backup and protection seriously, therefore, is critical to the well-being of your business. Opti9—a leading provider of managed cloud solutions—is one company that is addressing this problem head-on.

Cybersecurity challenges continue to grow in impact and complexity, especially as they relate to government and Defence information. In response to increasing hacking and cyber attacks, the Department of Defense (DoD) has released the DFARS and CMMC information management and cybersecurity standards to reduce the risk of system compromises within government agencies and the defense industrial base (DIB) that supports them.

Previously, we talked about the first phase of our battle testing process. If you haven’t already, give it a read for background on this article. After Bearer CLI proved itself solid against a variety of real-world projects, it was time to take things to the next level and compare the quality of results over time, and against the results of other static application security testing (SAST) tools.

Since we announced version 1.3 of Bearer CLI in early April, the team has been working relentlessly to make major movements and ship amazing new features. Before you read it all, we advise you to update to the latest version in the background 🙂, that way you can start exploring all right after finishing this article!