Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

noname security

Noname Security Platform Updates: 3.30 Release

May 2, 2024 By Stas Neyman In Noname Security
The latest Noname Security 3.30 update includes a new feature that allows for convenient tracking of attacker IP addresses, as well as improved options for triggering workflows to resolve attacks faster. Additionally, the process of installing Noname Remote Engine on local Kubernetes clusters has been simplified.
Read Post
noname security

How API Security Factors into DORA Compliance

Apr 24, 2024 By John Natale In Noname Security
Complying with data protection regulations isn’t easy, but it has traditionally involved dealing with familiar risks. For example, do your IT admins have the right amount of access to systems touching sensitive information? Review, remediate, report, and repeat. Compliance has been cumbersome, but workable. The problem is, today’s attack surface is nowhere near workable. And it’s evolving to include threats that most compliance programs aren’t yet accounting for.
Read Post
noname security

How to Comply with PCI DSS 4.0's API Security Requirements

Mar 27, 2024 By Karl Mattson In Noname Security
Struggling to keep up with evolving regulations isn’t a new thing for IT security teams. After all, for every NIS, there’s a NIS2. But when you consider that 130+ global jurisdictions have enacted data privacy laws whose mandates change, it’s not surprising that only 9% of executives feel highly confident that they can meet all disclosure requirements.
Read Post
Featured Post
noname security

The Impact of Evolving Regulation and Compliance on API Security

Mar 22, 2024 By Karl Mattson, Field CISO In Noname Security
Regulations are constantly evolving, becoming more punitive with larger fines and penalties every year. As a result, there is a collective industry movement towards the continuous improvement of cybersecurity in business and their ecosystem. This includes understanding what policies and processes must be implemented to remain compliant. However, this is not simply a tick-box exercise; it's about ensuring that organisations have effective safeguards in place to protect their business, their ecosystem of partners, and their customers.
Read Post
noname security

API Gateway vs WAF vs API Security Platform

Mar 19, 2024 By John Natale In Noname Security
APIs have transformed cloud computing, simplifying communications between different cloud technologies and providing immense benefits to enterprises by connecting various cloud-based solutions. However, APIs have also become a prime target for malicious actors seeking to exploit them as a gateway into valuable resources, such as sensitive data. APIs rely on organizations to set up publicly accessible endpoints that can be used to retrieve user data and services through targeted requests.
Read Post
Featured Post
noname security

Utilities and Energy a Prime Target For API Security Incidents

Mar 15, 2024 By Karl Mattson, Field CISO In Noname Security
As a critical element of national infrastructures worldwide, the energy and utilities sector literally keeps the lights on in today's world. When water, gas, or electricity is cut off from businesses and families, it can have catastrophic consequences. To improve resilience and guarantee service uptime, energy and utilities companies know that digitisation is key to transforming the services they deliver, but aging technology stacks, a lack of interoperability and collaboration, and poor security hygiene are all limiting progress.
Read Post
noname security

Implementing the NIST Cybersecurity Framework (CSF) 2.0 with AI augmented API Security

Mar 15, 2024 By Ryan B In Noname Security
The updated NIST Cybersecurity Framework (CSF) 2.0 was published February 26, 2024. Previously, this content was also known as the “Framework for Improving Critical Infrastructure Cybersecurity.” As stated in the framework: In summary, the updated NIST Cybersecurity Framework is organized into the following functional categories.
Read Post
noname security

API Security: Providing A Common Thread Across Agency Environments

Mar 8, 2024 By Dean Phillips In Noname Security
The deadline is approaching for U.S. government agencies to adhere to a Federal zero trust architecture (ZTA) strategy, as outlined in the 2022 Office of Budget Management (OMB) memorandum on Zero Trust cybersecurity principles. By the end of fiscal year 2024, agencies will be required to meet specific cybersecurity standards and objectives, according to the OMB memorandum (M-22-09).
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.