As companies use more tools and features, employee security risks grow too. While we all know email is a big target for attackers, it’s important to remember that email is not the only risk vector. Email is just one piece of the puzzle, which is why it is crucial to consider a wide range of employee security behaviours to get a holistic view of your risks. By doing so, you can focus resources more efficiently. Human Risk Management (HRM) is a vital part of cyber security in the workplace.

Now being commonly referred to as “Scama” – short for Scamming Method – these kits are being sold promoting highly advanced feature sets, turning the novice scammer into a pro. I’ve covered a number of Phishing-as-a-Service kits on this blog, but we’re seeing an evolution in both the kit features and how they’re being promoted on the dark web.

The global marketplace faces an increasingly destructive cyber risk landscape each year, and 2024 is set to confirm this trend. The cost of data breaches alone is expected to reach $5 trillion, a growth of 11 percent from 2023. As technology advances, attackers continue to develop new, more sophisticated methods for infiltrating systems and exploiting vulnerabilities. ‍ Amongst cyber experts, it is now widely acknowledged that the question of an attack is not ‘if’ but ‘when.’

Effective security programs promote collaboration between developers and security teams. Many organizations aim for a seamless developer experience that allows security teams to build guardrails directly into dev workflows, breaking down silos, and promoting collaboration between these departments.

In order to help organizations more effectively secure their cloud environments, we are making changes to our Cloud SIEM product. As of December 4, Datadog has introduced a new offering in Cloud SIEM: Cloud SIEM 15-Months Retention, which automatically stores logs for 15 months after ingestion.

Snyk, the leader in developer security, is excited to share that we’ve been named Customers’ Choice in the 2023 Gartner Peer Insights Voice of the Customer for Application Security Testing for a second consecutive year. Gartner defines the Application Security Testing category as products and services designed to analyze and test applications for security vulnerabilities. This distinction is based on meeting or exceeding user interest, adoption, and overall experience.

GitHub is a mission-critical software development and version control platform that is used to store proprietary source code and other sensitive data. Monitoring logs generated by activity in your GitHub environment can be useful, as unexpected patterns of behavior could indicate attacker activity or insider threats.

Hybrid operations are becoming an increasingly prevalent part of the business landscape. Certainly, this offers some fantastic opportunities for companies to reduce overhead costs and gain access to international talent. Yet, there are some distinct challenges hybrid workforces face, too.

This month has been full of new feature announcements, as well as various improvements to security team workflows. Read on to learn more about how you can leverage Nightfall's latest offerings.