Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

How To Get Compliant and Stay Agile

Agile companies do things faster. When you think about agile regarding lean startup model, you focus on quick wins, ruthless prioritization, external focus, and continuous improvement. At its core, agile development relies on continuous testing leading to continuous improvement. In cybersecurity, continuous monitoring enables an agile continuous compliance stance.

Cybersecurity Is Every Leader's Job

Every organization is led by people who are responsible for setting the overall direction, establishing priorities, maintaining influence over organizational functions and mitigating risks. Given the wide range of organizational types across industry sectors, the titles associated with these roles may vary greatly from CEO to Managing Director to Owner-Operator and beyond, but they share common traits.

GDPR Requirements for Cookie Policies

As a business owner, you know the European Union (EU) General Data Protection Regulation (GDPR) went into effect in May 2018. However, one of the most confusing aspects for a lot of businesses, large and small, has been the infamous “cookie policy.” No matter where your business resides, your website reaches customers protected by the GDPR which means you need to understand how to implement a GDPR compliant cookie policy.

Software Bill of Materials (SBoM) - Does It Work for DevSecOps?

There has been much discussion of a “software bill of materials” (SBoM) lately, for use when addressing security vulnerabilities. Many are curious, wanting to learn more. Googling the term gives lots of positive descriptions. This post will go negative, describing problems with the concept.

Adding CVE scanning to a CI/CD pipeline

A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and libraries of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones. Scanning an image within a CI/CD pipeline can ensure this additional level of security.

What You Need to Know About Secure Mobile Messaging in Healthcare

With the majority of people using smartphones these days, texting is all but a given when trying to communicate with your friends or family. But what about your doctor? A recent study determined that 96 percent of physicians use text messaging for coordinating patient care. This can raise eyebrows and red flags.

Detectify security updates for 10 January

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.