Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Now more than ever, insider threats and compromised devices pose a significant challenge to organizations. Whether it’s a malicious insider exfiltrating sensitive data or an endpoint infected with advanced malware, these threats are often difficult to detect using conventional security tools. According to the 2023 Cost of Insider Risks Report by Ponemon Institute, insider threats cost organizations an average of $15.4 million per incident, and incidents take an average of 85 days to contain.

In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we uncovered the dangers of running Elasticsearch with X-Pack disabled and thus, highlighting the ease with which attackers can exploit unauthenticated endpoints. Now, in Part 2, we will explore the other security features of X-Pack beyond authentication.

Data protection is a top priority for healthcare organizations, with patient trust and regulatory compliance hinging on securing sensitive information such as Protected Health Information (PHI). Traditional access control and Data Loss Prevention (DLP) solutions focus on restricting access and preventing unauthorized file transfers but do not provide visibility into how, where, and through which communication channels sensitive data is shared.

Trustwave has created a technology partnership with Devo, a unified Security Information and Event Management (SIEM) provider, to offer a next-generation Managed Extended Detection and Response (MXDR) solution called Trustwave MXDR with Co-Managed SOC for Devo. This collaboration will enable organizations to leverage a powerful SIEM platform without the complexities and costs associated with owning and managing the technology.

As the gold standard for reliably storing files of varying types in the cloud, Amazon’s S3 has become synonymous with storage. While this widespread adoption is a sign of a good developer experience and reliable storage across the board, it also presents a unique opportunity for attackers looking to exploit multiple targets due to S3’s widespread adoption.

IBM's Institute for Business Value has released a report on the benefits of cybersecurity platformization. It's an important piece of research, but is focused mainly on enterprise users. In this post, we'll discuss what the IBM report means for managed security services providers (MSSPs) and how they can take advantage of security platformization.

Financial institutions face a tricky balancing act: they need to innovate quickly while also following strict compliance rules in an environment where security is paramount. Recently, Snyk's Field CTO, Steven Schmidt, sat down with Mihai Saveschi, Senior Director of Security Service Management at CIBC, for a fireside chat to discuss these pressing issues. We’ve pulled key insights from their conversation on some of the most pressing AppSec challenges facing financial services organizations today.

As organizations increasingly adopt cloud-native architectures, they face a sprawling attack surface with novel threats that traditional security measures struggle to manage. ARMO’s Behavioral Cloud Application Detection and Response (CADR) offers the precise solution to these problems. It is designed to address the complexities and challenges of securing cloud-native applications in runtime.

To stay ahead of evolving cyber threats, it’s not just data that is needed—it is actionable intelligence. With the increasing complexity of attacks, regulatory pressures, and resource constraints, it’s essential to have a proactive approach to threat management. This whitepaper, Maximising the Value of Threat Intelligence, is a strategic, actionable guide tailored for CISOs and security teams.

Industrial facilities increasingly rely on interconnected systems to improve operations. As they implement these technologies into their legacy environments, they create new cybersecurity risks within previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by connecting them to public internet-facing applications.