One commonly used feature with Tines is the ability to configure your Actions to run on a schedule (docs). For example, an HTTP Request Action that runs every minute, once a day, or every few hours. Our customers rely heavily on this feature in carrying out their mission-critical workflows. In this post, we examine how our old job scheduler system worked, a very interesting race condition, and why we replaced our old scheduler with something more reliable to meet our delivery guarantees.

Gartner predicted that in three years, “80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.” It seems like it wasn’t too long ago that the security industry was recommending multiple vendors to safeguard your business. Now the pendulum swings the other way. Fortunately, it’s a healthy sign for the cybersecurity industry.

The education systems, including K-12 school institutions, are in the crosshairs of increasingly frequent and sophisticated cyberattacks. In just one month of 2021, educational organizations suffered more than 5.8 million malware incidents. Teachers, administrators and students are also targets as they use various devices such as laptops and smartphones to browse social media or send messages with friends and family.

At ThreatQuotient, we write a lot about security automation. Most recently, we’ve discussed how our data-driven approach to automation helps enable extended detection and response (XDR) in all phases of security operations including detection, investigation and response.

Whenever engineers discover a new security issue, the question arises every time: is this an exploit or vulnerability? What is a software vulnerability? How does it differ from an exploit? A vulnerability is a gap in the armor or weakness that allows people to enter. The exploit is the mechanism that someone uses to get in. For example, a door with a fragile lock has a vulnerability. The exploit uses the keys, hammer, or lockpick to break the lock.

Even before the pandemic, many companies had a relaxed approach to the devices employees brought to work. In fact, many businesses had BYOD (bring your own device) policies that allowed team members to work on personal laptops or cell phones. By one account, 75% of employees use their personal cell phones for work. The rise of remote work has only escalated the use of tablets, laptops, and mobile phones for professional use.

Cyber perpetrators don’t leave a single stone unturned when discovering security loopholes, no matter how thin their chances of success are. That’s why authorities such as CA/B Forum must stay a step ahead, tighten their policies and minimize security breaches. One such change is occurring from November 15, related to OV Code Signing Certificates. From November 15, 2022, OV code signing certificates will require a hardware security module to store their private key.