Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In today’s digital age, adopting public cloud platforms like Amazon Web Services (AWS) security means reinforcing them. AWS is a complex and versatile platform. When problems or security incidents arise, it's important to have a systematic approach to investigation and analysis or it can quickly become noisy with lots of false positives. This is where the Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) framework can help.

Companies are increasingly aware of the importance of creating detection and hunting capacities that help to keep their business’s future from being put at risk. The popularity of threat-hunting services is a consequence of detecting ever more persistent attacks, which also last longer and longer. On top of this, cybercriminals also have ever more tactics to avoid traditional defense measures.

Scott Scheppers, chief experience officer for AT&T Cybersecurity, weighs on how his team is addressing the cybersecurity talent shortage. This is part one of a two-part blog.

A condensed recap of our hands-on runtime security webinar from September. Get the juiciest knowledge nuggets and pointers to more.

As technology continues to advance, cloud computing has become an integral part of our digital landscape. While the benefits of cloud technologies are undeniable, concerns about data security and privacy have often overshadowed and slowed down its adoption. However, a new paradigm shift called “Zero Trust” is poised to revolutionize the way we perceive and embrace cloud technologies.

Moody’s investment in Bitsight in 2021 was founded on the belief that cyber risk is business risk. Two years later - this foundational belief is clearer than ever by evidence of recent research developed by the two companies. This blog post is a reflection on the research progress made by the two firms since the announcement of the partnership.

While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately, Kubernetes clusters are complex and can be difficult to secure. Safeguarding your Kubernetes environment requires a solid understanding of the common attack chains that pose a threat to your infrastructure. In this blog post, we dig into the top attack chains that target Kubernetes, shedding light on the risks and offering valuable insights to bolster your defenses.

Technology and cybersecurity changes so fast. But when businesses fail to put basic protections and processes in place, who’s to blame? Graham Cluley – writer, blogger, and host of the Smashing Security podcast – shares his 30-year perspective on this question, and what’s going on in cybersecurity today.

The COVID-19 pandemic has spurred a significant increase in the adoption of remote access, resulting in a substantial portion of the workforce transitioning to remote work. This requires employees to heavily rely on their employer’s virtual private network (VPN) to connect to their company's IT systems. This shift to working from home (WFH) is expected to continue well into the foreseeable future.