Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Illicit forums and dark web marketplaces are so closely guarded that it’s almost impossible to know how many stolen user accounts, digital assets, or data leaks are exposed, let alone who is responsible. But the more we can uncover, the better we can defend against attacks and hold threat actors accountable.

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.

What are some of the methods phishers use to compromise organizations? In this video, Nick goes over the common methods phishers use to gain information: Phishing is most insidious when it uses a combination of techniques. It can even overcome sophisticated security measures like Multifactor Authentication (MFA) – for example, if an attacker manages to steal a password through email, then calls the user pretending to be a technician asking them to approve an authenticator popup on their phone.

LimaCharlie sits down with Paul Caiazzo: Cyber security expert, entrepreneur and strategist, CISO and CPO. Paul has dedicated his career to advancing the field of global cyber security. In his current role as Chief Growth Officer at SnapAttack, Paul focuses on product/market fit, strategic partnerships, and business development.

More and more attacks are aimed at the entire supply chain, which means that we developers are increasingly targeted by the attackers. Attacks like the SolarWinds hack show us that making sure you don’t use vulnerable dependencies isn’t enough. The attackers have their sights set on the entire development process with its components. In this workshop, we will look at the first steps and try them out in practice which will enable you to integrate the topic of security into your everyday life as a developer.

SSL2BUY is well-known for its best customer service and lowest SSL certificate prices. Jordy has again proved it by posting his feedback. With the purchase of a Code Signing Certificate, he does not only get the best prices but also fabulous after sales support.

It's Halloween once again and that means it's time for some spooky ghost videos, chilling true scary stories and unbelievable caught on camera horror stories! In this special Halloween edition of our channel, you'll get to watch some of the scariest ghost videos recently recorded along with your host, James Rees, and two of the Razorthorn team, Amy Tate and Jite Okoh. So grab your Halloween costumes and get decide for yourself - are they real?

The video describes how to use async inventory reporting for Accounts with multiple organizations and how to filter a report by library name before generation for a project, product, or organization using the Mend UI.

AlgoSec's Regional Solutions Engineer, Eric Jeffery delivers an eye opener on startling ransomware data from the latest ExtraHop 2022 Cyber Confidence Index.