Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The rapid escalation of cyberattacks around the world has increased the number of prerequisites to qualify for a cyber insurance policy. If a business faces a cyberattack involving a data breach, it may find it hard to recover without additional support or resources. And this is just one example.

The practice of infrastructure as code (IaC) has enabled platform teams to control infrastructure using code stored in Git. This enables teams to apply standard development practices like code review and testing to infrastructure management. The practice of GitOps takes this a step further by: Open Policy Agent (OPA), thanks to its Rego policy language, enables organizations to manage their authorization policies as code (PaC).

Nearly 1500 cybersecurity professionals gathered in Milwaukee for Cpyphercon 6. Read the highlights from the largest hacker event in Wisconson

GitGuardian's Q1 wrap-up highlights our progress in detecting secrets, introducing new secret detectors, and committing to code security. With six new detectors released in Q1, GitGuardian remains the go-to solution for developers looking to write more secure code.

A Code Signing certificate is a form of online certificate presented to an organization that is entirely dedicated to software development to validate authenticity and integrity of the programs they create. This type of digital certificate holds significant information and is issued by a CA. Here, a public key is used to bind the organization’s identity. A software developer leverages the power of a Code Signing certificate to sign the executables and applications prior to their release.

If your application development environment is like most, you’re using more code and you’ve accelerated the development of applications and software. That’s great for productivity, but it presents a big challenge for security, as your developers come under increasing pressure to ship code quickly — while also ensuring that their code is secure. They need to find a sweet spot between speed and security, and scanning at the repository level is the way to go. Here’s why.

Torq IAM is a critical foundation of modern enterprise IT infrastructures and governance. It’s one of the ways security professionals deliver value to their entire company, customer, and partner ecosystem. It’s also what drives the effective management of organizational roles, assets, and the connections between them. The product team at Torq is focused on changing the IAM game and leveling up our customers’ capabilities.

Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources it into a purpose-built data lake stored in a customer’s AWS account. Amazon Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response.

In a groundbreaking move, Italy has imposed a ban on the widely popular AI tool ChatGPT. This decision comes in the wake of concerns over possible misinformation, biases and the ethical challenges AI-powered technology presents. The ban has sparked a global conversation, with many speculating whether other countries will follow suit.

BleepingComputer reports that a cybercriminal gang is sending phony ransomware threats to prior victims of ransomware attacks. The gang, which calls itself “Midnight,” claims to have stolen hundreds of gigabytes of data and threatens to leak it if the victim doesn’t pay a ransom. Security firm Kroll said the gang’s ransom notes use the names of more prolific ransomware actors.