%term

OWASP Bay Area Meetup Host Sponsored by JFrog - April 28

May 17, 2022 By JFrog In JFrog

Followed by talks Talk #1 Demystifying the SBOM’s impact on Secure Software Deployment With the White House’s cybersecurity executive order in May 2021, has the Software Bill of Materials (aka SBOMs), graduated from being a “nice to have” to a “must-have” global standard when developing and deploying secure software from the cloud? In a nutshell, SBOMs provides visibility into which components make up a piece of software and detail how it was put together, so it's easy to determine if it contains security and compliance issues. In this talk, we’ll discuss • What exactly is an SBOM? • Securing your Software Supply Chain • Why SBOM must be a key element of your software development life cycle's (SDLC) security and compliance approach • The misconceptions that exist around SBOMs • Insights and best practices on SBOM creation and usage.

View Video

JFrog

Read more about OWASP Bay Area Meetup Host Sponsored by JFrog - April 28

How to Choose Your SOC 2 Auditor and Go Through the Audit Smoothly

May 17, 2022 By TrustCloud In TrustCloud

After preparing fervently to meet SOC 2 standards, one decision companies face is which auditor to choose to get certified. You need to keep in mind your choice can influence your SOC 2 certification process. Kintent is here to tell you what you should be looking for when choosing an auditor. Would you like to become audit ready in 12 weeks, rather than 12 months? Learn more about Kintent.

View Video

TrustCloud

Read more about How to Choose Your SOC 2 Auditor and Go Through the Audit Smoothly

Veracode Continuous Software Security Platform Overview

May 17, 2022 By Veracode In Veracode

An overview of the Veracode Continuous Software Security Platform, that brings security and development together to secure software throughout the software development lifecycle.

View Video

Veracode

Read more about Veracode Continuous Software Security Platform Overview

Zero Trust - Replacing Depth with Logic. Identity & Access Management eSummit 2022

May 17, 2022 By Teleport In Teleport

In a hybrid work setup, workers should be able to authenticate themselves in the virtual environment securely. However, identity theft and technologies like deep fakes ensure that securing identities remains a major challenge. Organizations want to ensure their identities are safe and hack-proof. Join industry leading practitioners and experts to learn how to protect identities.

View Video

Teleport

Read more about Zero Trust - Replacing Depth with Logic. Identity & Access Management eSummit 2022

Russia-Ukraine War Raising the Awareness of Nation-State Attacks

May 17, 2022 By Trustwave In Trustwave

The Russian invasion of Ukraine has heightened government and business awareness around the reality that nation-state cyber threats pose. To cover all the implications of the threat posed by nation-state actors and the groups they sponsor, we sat down with Gary De Mercurio, VP, Global Practice Lead, Trustwave SpiderLabs.

Read Post

Trustwave

Read more about Russia-Ukraine War Raising the Awareness of Nation-State Attacks

Scan your software packages for security vulnerabilities with JFrog Xray

May 17, 2022 By Robi Nino In JFrog

Scanning your packages for security vulnerabilities and license violations should be done as early as possible in your SDLC, and the earlier the better. This concept is also known as “Shifting Left”, which helps your organization comply with security policies and standards early on in the software development process. As developers, this may seem like a hassle, but with JFrog CLI it’s easy!

Read Post

JFrog

Read more about Scan your software packages for security vulnerabilities with JFrog Xray

1Password 8 for Android is now in Early Access!

May 17, 2022 By Michael Fey In 1Password

It’s your turn, Android folks! The newest generation of 1Password is now available in Early Access – so put on your explorer hats, help us track down those bugs, and let the feedback flow.🕵️‍♀️

Read Post

1Password

Read more about 1Password 8 for Android is now in Early Access!

Challenges that impact the Cybersecurity talent pipeline

May 17, 2022 By Marcaé Bryant-Omosor In AT&T Cybersecurity

Cyberattacks are alarming, and establishments must increase protections, embrace a layered attitude, and cultivate security-conscious users to combat growing concerns. Cybersecurity leaders are being inundated with talent development resources offered, encompassing hiring, recruitment, and retention of the talent pipeline. Fifty percent of hiring managers typically deem that their candidates aren’t highly qualified.

Read Post

AT&T Cybersecurity

Read more about Challenges that impact the Cybersecurity talent pipeline

Critical Unauthenticated RCE Vulnerability in Zyxel Firewalls - CVE-2022-30525

May 17, 2022 By Sule Tatar In Arctic Wolf

On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked as CVE-2022-30525. The exploitation of this vulnerability can allow a threat actor to modify specific files and execute code remotely on a vulnerable appliance. Proof of Concept (PoC) exploit code for this vulnerability has been made publicly available via multiple sources.

Read Post

Arctic Wolf

Read more about Critical Unauthenticated RCE Vulnerability in Zyxel Firewalls - CVE-2022-30525

Is your penetration testing weak? Catch hackers at your backdoor with Sumo Logic

May 17, 2022 By Melissa Sussmann In Sumo Logic

If you are an application developer or security analyst, you likely spend a lot of time thinking about your customers’ security. IT operations teams have found many ways to help secure login portals by implementing dual authentication and Single-Sign-On (SSO) portals. Many IT organizations have learned to use SSO and Two Factor Authentication (2FA) to help secure their codebase and employee data. This method is great, assuming that all users are compliant with 2FA.

Read Post