At JFrog, we talk about being universal and too integrated to fail. In addition to more than 30 technologies and package types supported natively, this also means supporting our customers in their hybrid and cloud infrastructure. One such key integration capability for customers leveraging Amazon Web Services (AWS) is AWS PrivateLink.

Get ready to witness a game-changing moment in the world of cybersecurity and passwords! An impressive coalition of over 90 nonprofit organizations, including Consumer Reports and the Better Business Bureau, just dropped a brand-new directive protecting your accounts and devices called “The Common Guidance on Passwords.” This announcement sets the stage for the grand inauguration of “World More Than a Password Day,” which was on November 10, 2023.

DevSecOps is a modern approach to software development that implements security as a shared responsibility throughout application development, deployment, and operations. As an extension of DevOps principles, DevSecOps helps your organization integrate security testing throughout the software development life cycle. In this blog, we discuss DevSecOps best practices and practical steps to producing secure software.

In late July, the US Securities and Exchange Commission (SEC) enacted a groundbreaking ruling for the cybersecurity industry. Amid an increasingly risky cyber landscape, the new Ruling S7-09-22 requires all registrants to disclose material cyber incidents within four days of detection and provide a detailed description of their cyber risk and governance management programs.

Perry Johnson & Associates (PJ&A) is a medical transcription service assisting providers like Cook County Health and Northwell Health. In mid-October, Chicago’s Cook County Health announced a data breach from PJ&A with a limited impact figure. However, the Department of Health and Human Services (DHS) has confirmed a more significant number than PJ&A initially determined.

In the vast and ever-evolving universe of information technology, there's one constant: change (that and cliches about constants!). Servers, systems, and software – they all get updated and modified. But, have you ever stopped to consider how even tiny differences between these digital entities can sometimes lead to unexpected challenges?

Breaches were rampant this week, impacting as many as 15 million individuals. The State of Maine announced that it bled 1.3 million resident records due to the global MOVEit vulnerability. Meanwhile, in Ohio, the City of Huber Heights was targeted by a ransomware attack; potentially, 50,000 residents may have their data exposed. In Michigan, the McLaren Health Care network was allegedly attacked by the ransomware gang BlackCat—losing 2.2 million records to exposure.

eXtended Detection and Response (XDR) technology has transformed the cybersecurity paradigm by enhancing visibility and threat detection, providing unprecedented response capabilities. It is a tool capable of monitoring the different security layers of a company, generating a single pane that unifies the detections produced in these layers.

Earlier this year, the SANS Institute published a blog exploring emerging phishing trends. This kind of research is an invaluable resource for all individuals and organizations looking to identify and rebuff phishing attacks. In this article, we'll cover some of the key findings from that report.