Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Happy October! The leaves are changing and everyone is starting to get ready for the upcoming holidays, but let’s not forget one of the most important holidays of the year—Cybersecurity Awareness Month! Though our audience is almost entirely cybersecurity experts, we wanted to put something together to help the less technical people in our lives learn more about AI and cybersecurity, because Cybersecurity Month is for everyone.

NTLM has three versions - NTLMv1, NTLMv2 and NTLMv2 Session Security. NTLMv2 is supposed to offer better security than its previous version, and to some extent it does provides better defense against relay and brute force attacks, but does not completely block them. NTLMv2 Session Security is a session security protocol that can be used in conjunction with NTLMv1 or NTLMv2 to provide additional security.

We are living in the era of Kubernetes. It is hard to find anyone who has not heard of it and in all likelihood you are using it, too. And if you are using Kubernetes, it is probably also safe to assume that you areusing CI/CD to deploy your applications into it. However, as CI/CD and Kubernetes have grown in popularity, the number of bad actors looking to exploit weaknesses in them has grown too.

Have you ever heard of CVEs? Maybe not by their acronym, but Common Vulnerabilities and Exposures, monitored by the CVE Program Mission, are everywhere. As of the writing of this article, there are over 220,000 CVE Records available—meaning many potential threats you could be exposed to. How can you ever protect your infrastructure against this reality? Well, the good news is, you usually don’t have to.

Data Execution Prevention (DEP) is a Windows security feature that protects systems by preventing code from executing in memory areas designated for data storage. By ensuring only authorized programs can run in specific memory regions, DEP helps block malicious software, such as viruses, from executing harmful code. It operates at both hardware and software levels, monitoring memory usage to prevent exploits like buffer overflow attacks.

You need an API security solution. That much is a given (although some may argue it isn’t!). While essential for business growth and innovation, APIs, or Application Programming Interfaces, expose the organizations that use them to cyber threats. Attackers are both aware of and actively exploiting this fact: Wallarm recently revealed that attacks on APIs impacted 98.35 million users in Q2 2024.

Choosing S3 storage like AWS, Google Cloud, or Azure Blob Storage is a strategic choice. Especially as data volumes grow fast and disaster recovery strategies require more focus. Such an investment may reduce operational overhead and optimize costs. Then, new technical and economic perspectives follow. 99% of IT decision-makers state they have a backup strategy. And yet, 26% of them couldn’t fully restore their data when recovering from backups (according to a survey of Apricorn from 2022).