Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The Essential guide to Google Drive Data Loss Prevention (DLP)

Google Drive is an integral part of Google Workspace (formerly known as G Suite). With over 6 million customers and over 2 billion monthly active users, Google’s platform is the world’s largest collaboration tool for companies both large and small. In Google Drive, employees across the world create, edit, and share files on a daily basis. This, however, does not occur without the risk of data leakage.

The Essential Guide to CRM Data Loss Prevention in Salesforce

As with most SaaS applications, within Salesforce it is your organization’s responsibility to determine whether Salesforce’s default security settings meet your specific security and compliance obligations. Read this online guide, for free, to learn about the problem of data exposure in Salesforce and how to ensure compliance with HIPAA, PCI, and other leading industry standards while storing sensitive data in Salesforce.

What is DevSecOps: A Comprehensive Guide

The rise of cloud, containers, and microservices has shifted the way software developers work for good. Whereas traditionally, software developers would release a new version of an application every few months, today’s platforms allow teams to work faster and more streamlined. These advancements have led to the rise of “software, safer, sooner” — also known as DevSecOps.

GitHub Secrets Detection & Data Loss Prevention Guide

Environments like GitHub present data exposure risk in the form of secrets leakage and sensitive PII leaking from repositories. Read this online guide, for free, to learn about the problem of secrets exposure and leakage in GitHub, as well as how to easily implement secrets detection and scanning to prevent this risk.

Is Slack Secure from Threat Actors & Hackers in 2023?

When Uber was breached in September, the hacker remained undetected until they announced their presence within the org via Slack. This incident provides yet another example of Slack being leveraged by an attacker. In this post, we’re going to review some of the ways attackers have used Slack in breaches, why this is happening, and what you can do about it.

How to use data loss prevention (DLP) for LGPD Compliance

The Brazilian General Data Protection Law (LGPD) came into effect on August 16, 2020. The law creates new rights for individuals with respect to their data and imposes significant obligations on companies that process personal data. This guide will provide an overview of the key provisions of the LGPD and explain the steps that companies must take to comply with the law.

New Nightfall Platform Enhancements Makes Parsing and Managing Findings Easier

Nightfall customers have always lauded the platform’s ease of use and simplicity, but our team is always hard at work looking for ways to improve user experience. This month, we’ve made multiple features GA across the platform, that will further your ability to further customize what content and files trigger Nightfall detectors as well as the ways you can ingest this data.

Recent AstraZeneca Breach Illustrates Risk of Credential Leakage Across Cloud Apps

Yesterday, TechCrunch broke a story about pharmaceutical giant AstraZeneca, which experienced a leak affecting sensitive patient data. We think this incident is worth reviewing to learn more about how data exfiltration risk is distributed across the entirety of an organization’s SaaS infrastructure.

The Essential Guide to Secrets Scanning

In today’s digital world, data breaches are becoming more and more common. In fact, recent studies found that a large majority of breaches are caused by stolen secrets & credentials, such as API keys. API keys are used to access data and resources from another application or service. They are typically used to connect two applications so that they can share data. For example, if you use a weather app on your phone, that app likely uses an API key to access the Weather Channel’s data.