Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Check out the latest product releases from UpGuard!

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file, but other times they take the form of API keys, tokens, cookies, or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, and copy them to CI/CD systems and code linters. Eventually, someone leaks, intercepts, or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

Physical security breaches by social engineers can be catastrophic for your organization's data. Join Special Agent Cipher to learn about the types of social engineering tactics used by bad actors, along with strategies to keep your organization out of harm's way.

In this episode of This Old Hack, a bad actor writes in for help on how to improve their phishing game after not being able to get through filters anymore. Luckily for them, the Old Hack has some answers. Learn about the latest tactics hackers are using to successfully create convincing looking phishing emails.

Learn about Identity Framework configuration in this demo so that users and devices with a common identity can easily interact within WatchGuard products.

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.

In this episode of Spotlight on Technology we’re joined by Marie Hargraves, Cyber Workforce Advisor at Immersive Labs, to discuss crisis simulation and incident response testing. What would you do if your organisation was the subject of a cyber attack? Having an incident response procedure is critical, but even if you have one, how can you be sure it will work? How can the process be refined? Marie talks to us about the challenges facing businesses when it comes to incident response, and how these challenges can be overcome to ensure there is a robust plan in place if the worst should happen.

How DevOps and Platform Teams can focus on Innovation and Optimization?

In this webcast, SANS certified instructor Matt Bromiley will explore the concept of zero trust and what it means to security teams and your overall security posture. As a concept, zero trust is relatively straightforward: Trust no one until verified, inside or outside the network. However, this is often easier said than done, especially for systems built on legacy authentication models. Matt will also examine what a zero trust implementation looks like, how this can stop adversaries dead in their tracks, and what your organization can do to begin moving toward a state of zero trust.

Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery