Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this episode of the Sedara Cybersecurity Whiteboard Series, our Lead Pentester Nick Aures talks about what to look for in a quality pentest. Nick breaks the talk down into 4 key takeaways: Take a look, and we hope it’s helpful. What Should I Look for in a Quality Penetration Test? Penetration testing is a fundamental part of validating the security measures you’ve taken and showing they are effective.

Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices.

Claire Davies on where should the CISO (Chief Information Security Officer) sit in an organization.

In this video, we'll look at how to manage Kubernetes access with Teleport. We'll set up a Teleport cluster, securely add a Kubernetes cluster to be managed in Teleport, do a deep dive on controlling access to Kubernetes with Teleport's RBAC system, and end with an overview of Teleport's built-in auditing capabilities.

Stefania Chaplin talks about how to avoid burnout in working as a cyber security professional by taking short breaks from the screen like 5-minute holidays.

CrowdStrike Falcon Insight XDR correlates native and third-party cross-domain telemetry to deliver high-confidence detections that would be invisible to siloed solutions.

Malicious actors leverage a technique called typosquatting to trick users into believing a falsified domain is legitimate. The fake domain can be used to trick users into visiting malicious site or trusting an email that they have received. CrowdStrike Falcon Intelligence Recon provides the ability to monitor for when key terms are identified in newly created or changed domains. This can be used to monitor brands or identify when a fraudulent domain is being used.

In this video, we will demonstrate the power of the automated threat intelligence available with Falcon Intelligence. Having sandbox analysis available directly in the CrowdStrike UI provides security teams with more context to make security decisions while also making them more efficient and effective given their limited time and resources.

What do high-profile incidents like SolarWinds SUNBURST, Codecov bash uploader, Log4Shell, ua-parser-js, or the more recent IconBurst all have in common? They’re all supply chain attacks... except one. Exploding interest in the security of the software development lifecycle from the media, industry analysts, vendors, and agencies, has left the rest of us, developers and security engineers, with many confusing definitions for supply chain attacks.

NPM Dependency Confusion Join us in this livestream as we learn about NPM Dependency Confusions and what it is. If you have ever been confused about the topic, then this video will explain it you, as well as give you some practical examples. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.