Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

ISO/IEC 27001 is a set of international standards developed to guide information security. Its component standards, such as ISO/IEC 27001:2013, are designed to help organizations implement, maintain and continually improve an information security management system (ISMS). Compliance with ISO 27001 is not mandatory.

With one in three SMEs adopting cloud-first strategy more than ever, cybersecurity concerns have only grown exponentially. In the wake of the pandemic, nearly 95% of cybersecurity professionals have shown concerns regarding public cloud security. Microsoft Office 365 is at the heart of most small to mid-sized businesses. Combined with a rapid cloud adoption rate, security concerns are not far behind.

We asked Paul Sutton, Head of Research & Development at Redscan Labs, to tell us about the work he and his team are doing to ensure Redscan remains at the forefront of detection and response.

Detecting the threat after collecting the right data is the first step. From there, the impact of the threat really matters; otherwise, security teams may be chasing after too many issues.

“Joker’s Stash”, the largest dark web marketplace for buying & selling stolen payment card data, announced on January 15, 2021 that it is shutting down. The last day of activity will be February 15, 2021.

TL;DR: On January 7, the Detectify security research team found that the .cd top-level domain (TLD) was about to be released for anyone to purchase and claimed it to keep it secure before any bad actors snatched it up. A technical report with full details is available on Detectify Labs. This blog post will discuss the basics of domain takeover.

2020 has become the lens through which predictions for the whole decade will be forecasted. The wave of digital transformation has enabled easy availability of services from home for everyone and anyone. Some experts say that five years of digital transformation took place in six months due to the number of services and products that have moved to online access, but this has also made the market quite volatile.

In this blog, we will compare and contrast Falco vs. AuditD from a Host Intrusion Detection (HIDS) perspective. AuditD is a native feature to the Linux kernel that collects certain types of system activity to facilitate incident investigation. Falco is the CNCF open-source project for runtime threat detection for containers and Kubernetes. We will dig deeper into the technical details and cover the installation, detection, resource consumption, and integration between both products.

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.

Over the past year, the retail and hospitality industries have been forced to adapt to the “new normal.” Since lockdowns and health concerns have prevented or dissuaded in-person shopping or dining, the new normal has been e-commerce. Smaller businesses not equipped for the increase in e-commerce have had to undergo rapid digital transformation in order to stay afloat. But, unfortunately, e-commerce was not the only thing to increase in 2020.