‘A ship in port is safe, but that's not what ships are built for,’ said Dr. Grace Hopper, Rear Admiral of the US Navy and a computer pioneer. As soon as the ship leaves the harbor, or even the dock, there are risks. Depending on conditions and purposes, the ship's crew might decide they are negligible, that they can be recovered from, or that the potential rewards are worth the risk. The same ideas can be applied to computers.

Earlier this year, we released a report on the top 10 open source vulnerabilities from data based on user scans — giving you an inside look into the most common (and critical) vulnerabilities Snyk users found in their third-party code and dependencies. Building on this trend, we decided to look into the most common vulnerabilities in first-party code. While OWASP served as a guiding light for open source security intel, gathering data on proprietary code was a bit more complex.

In today’s business landscape, security and compliance mean everything. ‍ Because of this, many modern businesses look towards solutions that will provide customers and prospects with the most confidence and trust. One of these is SOC 2 compliance and attestation. SOC 2 is a marker of solid and consumer-minded companies that want to protect customer data.

Forrester has named CrowdStrike a Leader in The Forrester Wave™: Managed Detection and Response (MDR), Q2 2023 which recognizes how CrowdStrike’s “exceptional” Falcon Complete MDR service “blends products, platforms, and services seamlessly for customers.” Forrester evaluated 13 top MDR providers based on the strengths of their current offering, strategy and market presence.

I look back on L0pht’s testimony before Congress in 1998 with a mix of pride and reflection. It’s been twenty-five years since our group of hackers (or vulnerability researchers, if you will) stepped up to raise awareness about the importance of internet security in front of some of the world’s most powerful lawmakers. This event marked the beginning of a long journey towards increased cybersecurity awareness and implementation of measures to protect our digital world.

A new report covering 13 global markets highlights phishing prevalence and its role in cyber attacks when compared to other types of attacks. It’s difficult for me not to stand on my “phishing is a problem” soapbox when there exists stories and reports demonstrating that phishing continues to dominate as a security problem that isn’t being properly addressed.

Generative Artificial Intelligence (AI) has revolutionized various fields, from creative arts to content generation. However, as this technology becomes more prevalent, it raises important considerations regarding data privacy and confidentiality. In this blog post, we will delve into the implications of Generative AI on data privacy and explore the role of Data Leak Prevention (DLP) solutions in mitigating potential risks.

SchoolDude is a cloud-based work management tool for school districts and other organizations throughout the United States. This software service is used by school employees and students to submit repair requests and manage those same requests. The software is used to handle serious repairs in schools all over, and it also manages some confidential data about employees. This information was just released in a serious data breach that included more than 3 million user accounts.