Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The article highlights the significance of securing CI/CD systems and offers three best practices. It introduces OpenID Connect (OIDC) as a means to employ short-lived tokens for improved security.

One of the goals of Cloudflare is to give our customers the necessary knobs to enable security in a way that fits their needs. In the realm of SSL/TLS, we offer two key controls: setting the minimum TLS version, and restricting the list of supported cipher suites. Previously, these settings applied to the entire domain, resulting in an “all or nothing” effect.

In a world where software tools are spawning businesses each day, and cyberattacks and threats are increasing rapidly, ensuring the clarity and security of these tools has become a top priority. Regulators suggest new tools and standards to ease the complexities in a software supply chain. One such tool is the Software Bill of Materials (SBOM). It lists all the components used in building the software and helps identify the weak spots.

Where do vulnerabilities fit with respect to security standards and guidelines? Was it a coverage issue or an interpretation and implementation issue? Where does a product, environment, organization, or business vertical fail the most in terms of standards requirements? These questions are usually left unanswered because of the gap between standards or regulations on the one hand, and requirements interpretation and implementation, on the other.

When it comes to securing your enterprise and keeping it safe, your success depends on effective communication. How can you explain cyber risks to the board in a way that's easy to understand, yet still packs a punch? Cyber Risk Quantification (CRQ) is a methodological approach that allows security teams to measure and quantify cyber risks in financial terms.

The role humans play in cybersecurity generally focuses on how people can be the weakest link in an organization’s defense structure. However, when it comes to securing the healthcare industry, people are still paramount, but for quite different reasons.

All segments of the cloud market are predicted to see growth in 2023, according to research by Gartner. In an April Press Release, the firm forecasts that global spending on public cloud services will exceed 21% this year, totaling $597.3 billion overall in 2023. This is up over $100 billion from last year’s (mere) $491 billion.

The cybersecurity landscape has become more complex for many reasons. For one, it is the constantly changing risk environment where businesses are compelled to confront evolving threats and actors that leverage emerging technologies and advanced tactics. Cybersecurity has become a top priority for boards since they realize that being cyber resilient is a strategic choice and a competitive advantage.

On March 15th, 2023, a new feature released from Microsoft enabled organizations with a paid subscription to Microsoft 365 for business, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, to add company branding to their Microsoft 365 sign-in page via Azure Active Directory. This update is often recommended to improve both user experience and security by providing assurance the individual is logging in via the legitimate page for their company.