Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Using environment variables to store secrets instead of writing them directly into your code is one of the quickest and easiest ways to add a layer of protection to your projects.

The position of CISO is not an enviable one. Modern CISOs face enormous challenges like managing the complexity of on-prem and cloud environments, being responsible for the actions of thousands of employees without having authority over them, being perceived as a drag on growth and other resources, and trying to keep up in a compliance and technology landscape that just keeps changing. Oh and budget? Limited and scrutinized.

Do you know what your employees are downloading? In a perfect world, all of the IT systems and software used by an organization would be explicitly approved by the IT department. In reality, your network is closer to the wild west.

The security of the software supply chain is rapidly becoming a paramount concern for organizations — and for good reason. With the increasing number of published Common Vulnerabilities and Exposures (CVEs), developers face the challenge of delivering software faster than ever before. However, in their quest for speed, many dev and security teams have resorted to fragmented security solutions, inadvertently leaving critical gaps in coverage and compromising their competitive advantage.

Online shopping has allowed buyers to find bargains and conveniently purchase from retailers all over the world. However, cybercriminals take advantage of the anonymity of online shopping to scam online buyers. If you get scammed while shopping online, you need to contact your credit card issuer, freeze your credit, change any compromised passwords, contact the online marketplace and report the scam to the FTC.

A recent news article from Bleeping Computer called out an incident involving Japanese game developer Ateam, in which a misconfiguration in Google Drive led to the potential exposure of sensitive information for nearly one million individuals over a period of six years and eight months. Such incidents highlight the critical importance of securing cloud services to prevent data breaches.

Edmonds School District (ESD) is in south Snohomish County, Washington. The district involves 35 schools, including Brier, Edmonds, Lynnwood, and Woodway institutions. The faculty of these schools serve over 20,000 grade-school students, with nearly 1,300 teachers leading diverse learning environments. Almost a year ago, ESD noticed suspicious activity within their network; after an investigation, officials determined the cause was a cybersecurity event.

Zero Trust is a cybersecurity approach that’s vital in today’s interconnected world, where security breaches are a persistent threat. The principle is straightforward: trust no one and verify everything. Instead of assuming a secure perimeter, Zero Trust requires continuous authentication and validation for anyone trying to access network resources, whether they’re inside or outside the organisation.

The simple fact(s) in cyber and information security is that there is NO right and wrong way to go about things. Yes there are frameworks / standards and guidance, which are good practices. BUT the right way for YOUR organisation may be totally different to that of another organisation. Yes you may have the same goal of strong security, but what does that ultimately mean?

To celebrate the end of 2023 and the beginning of 2024, we are happy to announce a collection of product updates to more robustly and securely protect your company’s data. Read below to discover what’s new!