Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In early March, the SANS Institute, whose mission is to empower cybersecurity professionals with the practical skills and knowledge to make the world a safer place, shared some insightful findings based on their survey on ransomware and malware intrusions in 2022. The survey included participants in various roles and industries from organizations worldwide of all sizes. “In this survey, we wanted to understand what the past year looked like for our respondents.

SASE (Secure Access Service Edge) is a new architecture that converges networking and security into cloud-native, globally available service offerings. Security inspection and policy enforcement is performed at the cloud edge, instead of backhauling all traffic to a centralized data center for inspection. This enables organizations to strengthen their security posture while ensuring high performance, scalability and a good user experience.

PCI 4.0 — the PCI Standards Security Council’s first update since 2018 to the PCI Data Security Standards (PCI DSS) — is a major iteration that shifts away from the traditional point-in-time assessment. Do you remember how an auditor would annually determine the PCI compliance status of a merchant’s or service provider’s system on a specific day in a specific month and assume — somehow — that the snapshot characterized their status all year?

Managed NDR is network detection and response (NDR) combined with an outsourced SOC (Security Operations Center) monitoring and response layer. The meaning of “managed” in managed NDR will vary from provider to provider. Some managed NDR services will remediate threats for you, while others will stop at alerting and assisting your internal IT team. Similarly, the capabilities of the “NDR” part of managed NDR will also differ depending on who offers it.

Recently, archTIS worked with fellow Microsoft Intelligent Security Association (MISA) member, Thales to integrate NC Encrypt with CipherTrust Manager. MISA members are top experts from across the cybersecurity industry with the shared goal of improving customer security. Both companies offer advanced data security for the Microsoft Purview Information Protection suite and worked together on a joint solution for customers aiming to achieve digital sovereignty.

The OWASP API project has recently decided to refresh the popular API Security Top 10 threat map. The team at Salt Security has always been actively involved in this project, having been a key contributor to the initial creation of the list. And we continue to be deeply involved in the thinking process, data gathering, and brainstorming in updating it. As of the writing of this post, the final version of API Security Top 10 2023 has not been officially released.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we are exploring voice-activated AI technology that allows computers to comprehend and respond to human speech, while analyzing some of its detrimental drawbacks.

HIPAA is a legal healthcare privacy standard passed into law by the Clinton administration. The law standardized how private healthcare information had to be protected and stored by hospitals. In its earliest years of inception, these rules were straightforward. Things have changed considerably. With the digitalization of healthcare records, it’s now easier than ever for patients and hospitals to access records, but it’s also easier for bad actors.

Kubernetes is an open source orchestration platform for containerized workflows. It is the best way to manage – or orchestrate – large clusters of containers at scale. Sometimes abbreviated as K8s, Kubernetes helps you efficiently manage clusters of hosts running Linux containers. In the age of containers, Kubernetes has become a popular open source project and key building block for modern tech infrastructure.

The process of detecting, analyzing, and prioritizing vulnerabilities found through vulnerability assessments is an essential part of maintaining cyber security. Cyber security assessment services that provide vulnerability assessments are highly sought after with the increasing number of threats in the cyber world.