%term

Empowering DevSecOps: JFrog's Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

Jan 31, 2024 By Greg McDermott In JFrog

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant.

Read Post

JFrog

Read more about Empowering DevSecOps: JFrog's Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

TLS 1.0 and SSL Vulnerabilities: What You Need to Know

Jan 31, 2024 By Keren Pollack In CalCom

The PCI Security Standards Council requires all payment processors and merchants to move to TLS 1.2 and above. Organizations that don’t follow this standard do not meet PCI DSS.

Read Post

CalCom

Read more about TLS 1.0 and SSL Vulnerabilities: What You Need to Know

3 Proven Tips to Finding the Right CSPM Solution

Jan 31, 2024 By Rony Moshkovich In AlgoSec

Multi-cloud environments create complex IT architectures that are hard to secure. Although cloud computing creates numerous advantages for companies, it also increases the risk of data breaches. Did you know that you can mitigate these risks with a CSPM? Rony Moshkovitch, Prevasio’s co-founder, discusses why modern organizations need to opt for a CSPM solution when migrating to the cloud and also offers three powerful tips to finding and implementing the right one.

Read Post

AlgoSec

Read more about 3 Proven Tips to Finding the Right CSPM Solution

Navigating the Chaos: How Forums Keep Us Informed Amid Rapid Changes || Razorthorn Security

Jan 31, 2024 By Razorthorn In Razorthorn

Embark on a journey into the fast-paced world of ever-changing landscapes. In the realm of technology and cybersecurity, staying up-to-date is an ongoing challenge. How do we keep pace with the relentless speed of change? Join me in this video as we explore the necessity of forums and communal discussions to stay informed about legislative updates, changes in the cyber threat landscape, and the evolving tactics of adversaries.

View Video

Razorthorn

Security

Read more about Navigating the Chaos: How Forums Keep Us Informed Amid Rapid Changes || Razorthorn Security

CyberArk SCA Slack Workflow Approval (Part 1)

Jan 31, 2024 By CyberArk In CyberArk

In part 1 of this video, you will learn the CyberArk SCA Slack workflow approval process.

View Video

CyberArk

Read more about CyberArk SCA Slack Workflow Approval (Part 1)

Data Protection Day 2024: As Technology and Threats Evolve, Data Protection Is Paramount

Jan 31, 2024 By Drew Bagley In CrowdStrike

Today’s cybersecurity landscape poses one of the most significant risks to data. This holds true for organizations of all sizes, across all industries, tasked with protecting their most essential data amid an increasingly regulated environment and faster, more innovative adversaries. Recent years have introduced a steady drumbeat of new data privacy regulations. There are now 14 U.S. states that have passed privacy laws.

Read Post

CrowdStrike

Read more about Data Protection Day 2024: As Technology and Threats Evolve, Data Protection Is Paramount

GitGuardian Honeytoken For Peace Of Mind

Jan 31, 2024 By GitGuardian In GitGuardian

GitGuardian Honeytokens can help you stay safe as you tackle secrets sprawl at scale. Deploying GitGuardian honeytokens into all of your repositories will give you an immediate warning system, letting you know when someone scans your repos or if they they get leaked onto the public internet. Dealing with a large number of incidents is already challenging enough, Use GitGuardian honeytokens to buy some peace of mind while you work to eliminate secrets sprawl.

View Video

GitGuardian

Read more about GitGuardian Honeytoken For Peace Of Mind

Why the future of AppSec is ASPM from Snyk AppRisk

Jan 31, 2024 By Snyk In Snyk

Applications are getting bigger and more complex. With sprawling software supply chains, distributed developers, AI-enhanced productivity, and more technology, deployment, and cloud options than ever securing applications is harder than ever. To enable fast and secure development in this new reality, AppSec needs a comprehensive, proactive approach — one that helps address what matters most to reduce risk. They need to implement ASPM to shift the AppSec paradigm.

View Video

Snyk

Read more about Why the future of AppSec is ASPM from Snyk AppRisk

FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

Jan 31, 2024 By Stu Sjouwerman In KnowBe4

The US Federal Bureau of Investigation (FBI) has issued an alert warning that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to pick up the items for safekeeping. The scammers then steal the goods and cut contact with the victims. The FBI says victims lost more than $55 million to these scams between May and December 2023.

Read Post

KnowBe4

Read more about FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

Stopping Credential Stuffing Attacks: We Need to Do Better

Jan 31, 2024 By Wallarm In Wallarm

Do you know what 23andMe, Jason's Deli, North Face, and Hot Topic have in common? They've all been breached by successful credential stuffing attacks in the last year! An attack type that has gained prominence in recent years is credential stuffing. In this blog, we will explore what credential stuffing is, discuss current approaches to mitigate this type of attack, and their weaknesses. Additionally, we'll share our insights on what needs to be.

Read Post