The NIST Cybersecurity Framework (CSF) provides a list of best practices organizations can follow to maintain a secure environment. At first glance, the list can seem quite complex! When Sedara works with a client to improve their security posture, we do in-depth information gathering. The questions asked might include things like: How do you keep your computer systems updated? How often are they updated? How do you manage adding access for new hires, and ending access for terminations? Do you provide your staff training so they are up-to-date on security threats?

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivaled source of evidence and visibility. Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.

In this video, learn about the Snyk IaC integration with HashiCorp Terraform Cloud and Terraform Enterprise, which enable developers to automate security checks and ensure public cloud environments are secure and compliant pre-deployment — directly in their Terraform Cloud pipelines.

Take a view at the many visibility features available within WatchGuard Cloud.

This week on the podcast, we cover an Optus data breach that could affect over 10 million Australian customers, and what they should do to protect themselves. We highlight a new malware-as-a-service (MaaS) information stealer that lowers the cost and technical bar for cybercriminals. Finally, we end with some good news about how the FBI was able to catch and arrest an ex-NSA insider trying to sell sensitive national security data to a supposed Russian adversary.

In this interview, we speak to Eyal Ben Moshe, Head of the Ecosystem Engineering Group at JFrog, about the importance of shifting left and providing tools for developers to keep their software secure. He specifically discusses the release of Frogbit and Docker Desktop Extension and teases the BuildInfo resource, the metadata associated with a build in Artifactory.

Join us for a virtual Q&A with Seb Coles, Engineering Manager at ClearBank, and Simon Maple, Field CTO at Snyk.

Besides KPIs and ratings to measure and quantify risk, you need to have a team of experts available 24/7, who you can rely on to help fix the worst problems. Put these four services in your cybersecurity toolbox: If a ransomware attack happens in the middle of the night on the weekend, you must be able to call somebody 365 days a year to help you recover and figure out how to get back up to speed. If you get breached, how do you diagnose how an attacker got in? You need to have experts who can go on your site and understand how attackers penetrated the defenses.

Learn how Forescout provides a strong foundation for zero trust.

Check out the latest product releases from UpGuard!