%term

Coffee Talk with SURGe: 2022-MAY-17 Conti Hits Costa Rica, Cardiologist Ransomware, CISA MSP Alert

May 18, 2022 By Splunk In Splunk

Coffee Talk with SURGe! Grab a cup of coffee and join Audra Streetman, Mick Baccio, and special guest Haylee Mills for another episode of Coffee Talk with SURGe. The team from Splunk discussed a ransomware attack that prompted Costa Rica to issue a state of emergency, a cardiologist in Venezuela accused of building ransomware tools, and an alert from CISA warning about cyber threats to MSPs. This week Audra and Haylee competed in a 60 second charity challenge on "certs vs. degrees" in cybersecurity before taking a deep dive into Splunk Risk-Based Alerting.

View Video

Splunk

Read more about Coffee Talk with SURGe: 2022-MAY-17 Conti Hits Costa Rica, Cardiologist Ransomware, CISA MSP Alert

Everything You Need to Know to Prevent JavaScript Supply Chain Attacks

May 18, 2022 By Feroot Security Team In Feroot

JavaScript supply chain attacks are a bit like rolling thunder. The boom starts in one location and then reverberates along a path, startling folks, shaking windows, and—if there is a significant enough storm to accompany the thunder—leaving varying degrees of devastation in its wake.

Read Post

Feroot

Read more about Everything You Need to Know to Prevent JavaScript Supply Chain Attacks

What is DevSecOps? DevSecOps explained in under 7 mins | 2022

May 18, 2022 By Snyk In Snyk

What is DevSecOps? In this video we're going to talk about how DevSecOps brings security into the DevOps fold, enabling development teams to secure what they build at their pace, while also creating greater collaboration between development and security teams.

View Video

Snyk

Read more about What is DevSecOps? DevSecOps explained in under 7 mins | 2022

Best Practices for Securing Wireless Networks

May 18, 2022 By Trustwave In Trustwave

Most organizations employ mobile computing, which utilizes wireless communications for staff members to perform day-to-day tasks with more ease. While some organizations have deployed enterprise security standards on their wireless networks, Trustwave SpiderLabs has observed some organizations deviating from security best practices when it comes to managing a wireless environment leaving these wireless networks as low-hanging fruit for attackers to abuse.

Read Post

Trustwave

Read more about Best Practices for Securing Wireless Networks

Introducing the first web3 engine.

May 18, 2022 By Fireblocks In Fireblocks

Fireblocks Web3 Engine is the most comprehensive and secure suite of Web3 solutions for gaming studios, NFT services, and enterprises building the next generation of Web3 products. The Fireblocks Web3 Engine consists of 3 product suites: The #DeFi Suite: Build new DeFi-enabled Web3 services to generate yield for users, with connection to the widest range of both EVM and non-EVM blockchain protocols.

View Video

Fireblocks

Read more about Introducing the first web3 engine.

EASM: Is it late to the party?

May 18, 2022 By Detectify In Detectify

Included by Gartner in 2021 as a major cybersecurity category and an emerging product, the External Attack Surface Management (EASM) term might be new. Still, the idea behind it is nothing new: identifying risks coming from internet-facing assets that an organization may be unaware of.

View Video

Detectify

Read more about EASM: Is it late to the party?

DevSecOps 101: Best Practices

May 18, 2022 By JFrog In JFrog

Tune in for our webinar series DevSecOps 101 and learn the importance and benefits of bringing security into the DevOps culture. Combining application security plus speed, reliability, and frequency allows you to enable development teams to secure what they build at their own pace, allowing for easier and faster remediation.

View Video

JFrog

Read more about DevSecOps 101: Best Practices

Is the perimeter dead?

May 18, 2022 By Detectify In Detectify

This question still triggers some interesting discussions among security professionals. Does the perimeter still exist, or has it become impossible to outline due to the immense asset list and expansion of an organization’s attack surface? Included by Gartner in 2021 as a major cybersecurity category and an emerging product, the External Attack Surface Management (EASM) term might be new. Still, the idea behind it is nothing new: identifying risks coming from internet-facing assets that an organization may be unaware of.

View Video

Detectify

Read more about Is the perimeter dead?

The IaC Showdown: Terraform vs. Ansible

May 18, 2022 By Eyal Katz In Spectral

Infrastructure as code (IaC) has become the de-facto method for dealing with infrastructure at scale. This codification of infrastructure configurations lets software development teams create version-controlled, reusable configurations. Moreover, it enables integrating infrastructure management as a part of the delivery pipeline.

Read Post

Spectral

Read more about The IaC Showdown: Terraform vs. Ansible

What are organizations doing wrong when it comes to security?

May 18, 2022 By Detectify In Detectify

What are organizations doing wrong when it comes to security? While today’s code-quality security is good, the sharing between each domain or principle is lacking, such as using infrastructure as code. Some people have become lazy, using other people’s templates and sometimes without knowing the security details. There is no technical depth (the rule now is; if it works, it works). Security metrics are valued by the exploitation that happens. We learn by being hacked, and that is not how it should work.

View Video