Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Data classification is an important business process. It makes it easier to apply data protection, helps employees understand what data is sensitive, and, importantly, which data can be made public. Unfortunately, many organizations provide employees with access to far more data than is needed. The oversharing of information with employees is a huge security risk.

What is different about cloud log management versus on-premises? The answer may seem simple, but several elements such as CloudTrail vs. CloudWatch come into play. In this article, we will cover some of the most important differences, and then dig deeper into a specific example of AWS CloudTrail vs. CloudWatch.

In our last blog post, we discussed the importance of having a solid Incident Response plan in place. In this blog post, we will discuss the next step in that process: identification. Once you have determined that an incident has occurred, it is important to identify the scope of the issue as quickly as possible. This will help you determine the best course of action and ensure that your response is effective.

We’re thrilled to share that WatchGuard has been recognized in the 2022 TrustRadius Best Software List! The first-ever TrustRadius Best Software List celebrates products that support the evolution of self-serve buyers by sourcing and using customer reviews. To make the list, products must have 40+ reviews from the past year and have maintained a trScore of 7.5 or higher. These characteristics demonstrate a commitment to transparency, improvement, and user insights.

The WatchGuard team is thrilled to share that technology analyst firm GigaOm recently recognized WatchGuard as a market leader in endpoint detection and response (EDR).

On October 25, 2022, the OpenSSL project announced the existence of a critical vulnerability in the OpenSSL library affecting OpenSSL versions 3.0.0 and above, as well as any application with an embedded, impacted OpenSSL library. This announcement did not include any details on what this vulnerability is or how it can be exploited. On November 1, 2022, a cryptographic library used for encrypting communications in a wide variety of applications on the internet.

With policy as code, policies can be managed and automated using code written in a high-level language. It is a programmatic method of uniformly defining and enforcing policies throughout cloud-native applications and their infrastructure.

Hi there Ruby developers! If you’ve been looking for an effective way to establish a Ruby on Rails Docker setup for your local development environment, then this post is for you. It’s a continuation of our previous article on how to install Ruby in a macOS for local development. Ruby developers frequently need to account for a database when building a Ruby on Rails project, as well as other development environment prerequisites.

OpenSSL has released two high severity vulnerabilities — CVE-2022-3602 and CVE-2022-3786 — related to buffer overrun. OpenSSL initially rated CVE-2022-3602 as critical, but upon further investigation, it was reduced to high severity.

Government agencies are instructed by Executive Order to improve the delivery of digital services to citizens while also safeguarding critical data and systems. Often, this leads to a difficult decision between speed of application production and software security. However, as recent events have shown, sacrificing security in the name of speed compromises the safety of citizens and government infrastructure.