In 2021, digital transformation has accelerated. At the tail end of the COVID pandemic, with companies remaining remote, the demand for cloud services in the enterprise is the highest It’s ever been. Healthcare organizations, which more directly encountered the acute challenges posed by the pandemic, were among the first to be shaped by the current wave of digital transformation.

As a cloud-native data loss prevention solution, Nightfall DLP can natively integrate with some of the most popular SaaS applications in order to protect against the proliferation of sensitive data in these environments. With our native integrations, Nightfall helps keep client data safe on apps including Slack, GitHub, Google Drive, Confluence, and Jira. But did you know that Nightfall also exists as a standalone DLP API?

DevSecOps follows the same trend as Agile and DevOps: how can developers create software that’s better, faster, and less expensive? The DevSecOps motto — “software, safer, sooner” adds the missing piece to the latest approach to quicker product development. Security, previously an afterthought in the product development lifecycle, is now becoming an integral part of the process.

Cloud programs like Slack and Google Drive allow businesses to work collaboratively and efficiently, often at a low cost. However, these cloud platforms open a business up to new levels of risk: sharing information via cloud programs can put customer data at risk. Cloud security architecture provides a way to recognize and remedy vulnerabilities that result from using cloud service providers (CSPs).

Many organizations recognize the emergent need to discover, classify, and protect their sensitive information stored in cloud applications (SaaS) and infrastructure (IaaS) via a dedicated cloud content inspection process. However, cloud-native detection engines are a relatively new technology, and many corporate Information Security teams or Product Security developers are, understandably, not yet familiar with how to effectively evaluate cloud content detection.

In today’s world, data breaches are a fact of life for both consumers and companies. It’s become somewhat of a truism to point out that for many companies breaches are a matter of if not when as defenders are at a significant disadvantage.

Many organizations are equipped to handle insider threat and external, common well-known challenges (like malware, for instance). These so-called “intentional” threats can be addressed through proactive security measures and best practices. But what about the unintentional risks that come with operating in a cloud-first environment? Unintentional mistakes, such as misconfiguring cloud infrastructure, can be equally devastating.

If your development team isn’t yet using shift-left testing, you could be wasting time, money, and energy. Teams that practice shift-left testing are able to identify potential roadblocks early in the process, change scope when needed, and improve design to avoid buggy code. When a bug does occur, it can be identified and dealt with quickly so as not to impact the project later on. Shift-left testing proposes to help agile teams become more agile.

Atlassian made a big splash in cloud SaaS news when they announced that the company would stop selling new on-prem server licenses as of February 1, 2021. Upgrades of existing server licenses will continue to be available through the third quarter of 2022. Impacted services include Jira Software Server, Jira Core Server, Jira Service Desk Service, Confluence Server, Bitbucket Server, Crowd Server, Bamboo Server, Atlassian-built apps, and Atlassian Marketplace server apps.

GitHub is a code versioning tool, which means that it preserves a full history of searchable code changes. Sensitive data can proliferate in these code changes and is not always easily discoverable. Credentials & secrets that are hard-coded in GitHub repositories pose risk if repos are leaked or accessed via social engineering attacks, as they can provide access to infrastructure, databases, and third-party APIs. Likewise, sensitive data like customer PII can end up in code repos.