Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The threat landscape today is complex and constantly changing. Organizations require robust cybersecurity solutions to protect their networks and systems. SIEM and SOAR are two technologies that are pivotal in strengthening security operations. In this article, I’ll look at both technologies, SIEM and SOAR, to help you understand the importance of strengthening your organization’s SecOps.

Businesses can now automate threat detection for 1Password and their broader work environment with Obsidian Security, a security platform for software as a service (SaaS) tools.

Cybersecurity is all about staying one step ahead of potential threats. With 1802 data compromises impacting over 422 million individuals in the United States in 2022, threat intelligence feeds are a key aspect of cybersecurity today. These data streams offer real-time insights into possible security risks, allowing organizations to react quickly and precisely against cyber threats. However, leveraging threat intelligence feeds can be complicated.

Gateway to Sensitive Information Email serves as a gateway to a treasure trove of sensitive information. It is where individuals and organizations share confidential documents, financial data, personal details, and much more. In the wrong hands, this information can be exploited for financial gain, identity theft, or even corporate espionage. Protecting this valuable data is paramount, and email is the first line of defense. Pervasive Attack Vector.

This month, Apple Security Engineering and Architecture (SEA) and The Citizen Lab at The University of Toronto's Munk School opened a pair of Critical vulnerabilities relating to maliciously formed WebP images which could be used to exploit the Chrome browser, as well as the webmproject/libwebp library from Google. As of Sep 27th, 2023, the CVEs known to track this libwebp vulnerability actively include.

With the advent of the Digital Personal Data Protection Act (DPDP Act) in 2023, India has taken a significant step towards safeguarding the rights of individuals, termed as ‘Data Principals’, over their personal data. This blog post aims to shed light on the rights and protections offered to Data Principals under the DPDP Act, a landmark legislation that is reshaping the landscape of data privacy in India.

Businesses with Indian customers or those accessible to Indian citizens, take note! The Digital Personal Data Protection Act (DPDP) has been passed in India. This new law, approved by the president on August 11, 2023, dictates how organizations handle personal data. The DPDP Act is not yet enforceable as the Data Protection Board of India is still being established.

The rise of remote work, which currently sees 40% of US employees working remotely at least one day a week, has been fueled by technological advancements and recent global events. But with this shift comes a silent, lurking challenge: cybersecurity. The vast, interconnected web of remote workspaces amplifies the potential for cyber attacks. Businesses must protect their data to maintain the trust of customers, preserve their reputation, and ensure uninterrupted business operations.

I had always wanted to use sidecars with Istio or Splunk forwarder in production, but as a Kubernetes maintainer, I knew there was no reliable way of telling Kubernetes to ensure sidecar containers were kept running before and after the main application. In this post I will share the twists and turns of my adventure in addressing this long-standing Kubernetes challenge.

It’s no secret that Amazon Web Services (AWS) continues to grow by leaps and bounds as organizations modernize their IT infrastructure by migrating apps and workloads to the cloud. And due to the AWS shared responsibility model of cloud security, a deep and broad ecosystem of security vendors has also grown up alongside AWS.