%term

Security at ServiceNow (feat. Karl Klaessig) - The Big Fix 2022 by Snyk

Mar 29, 2022 By Snyk In Snyk

Karl Klaessig, Director of Product Marketing and Security Operations at ServiceNow joins Randall Degges, Head of Developer Relations and Community at Snyk to discuss security challenges and how they approach them at ServiceNow. The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.

View Video

Snyk

Read more about Security at ServiceNow (feat. Karl Klaessig) - The Big Fix 2022 by Snyk

How to Get Security Peace of Mind Against Advanced Email Threats

Mar 29, 2022 By Trustwave In Trustwave

The dangers of email security are often understated. One successful email attack can lead to malware injection, system compromise, impersonation, espionage, ransomware and more. After all, phishing remains the top attack vector used by hackers. The FBI reported phishing scams were extremely prominent, with 323,972 complaints being made in the U.S. in 2021, compared to 241,342 the previous year. Adjusted losses resulting from these attacks is more than $44 million, a $10 million decrease from 2020.

Read Post

Trustwave

Read more about How to Get Security Peace of Mind Against Advanced Email Threats

Today's Crypto Storage Solutions & Wallets for Institutions

Mar 29, 2022 By Fireblocks In Fireblocks

What secure, enterprise-grade crypto storage solutions (wallets) currently exist on the market? Fireblocks' Head of APAC & Vice President, Product Strategy and Business Solutions, Stephen Richardson, explains. There are two types of enterprise-grade crypto storage solutions (wallets) exist in the market: Multisig wallets (ex: Bitgo, Coinbase, Gemini, Paxos) and MPC wallets (Ex: Unbound, SharpX, Fireblocks).

View Video

Fireblocks

Read more about Today's Crypto Storage Solutions & Wallets for Institutions

What is SecOps?

Mar 29, 2022 By Brian Nathans In logit.io

SecOps is a short form for Security Operations, a methodology that aims to automate crucial security tasks, with the goal of developing more secure applications. The purpose of SecOps is to minimize security risks during the development process and daily activities. Under a joint SecOps strategy, the security and operations teams work together to maintain a safe environment by identifying and resolving vulnerabilities and resolving any security issues.

Read Post

logit.io

Read more about What is SecOps?

Healthcare focus: Need for resilience

Mar 29, 2022 By Carisa Brockman In AT&T Cybersecurity

Data breaches are still on the rise in healthcare. 2021 accumulated 686 healthcare data breaches of 500 or more records in 2021, resulting in 45M exposed or stolen healthcare records. 2022 is off to a poor start with over 3.7M healthcare records compromised as of 3/2/2022.

Read Post

AT&T Cybersecurity

Read more about Healthcare focus: Need for resilience

Firewall Inferno - Sophos & SonicWall Vulnerabilities

Mar 29, 2022 By Sule Tatar In Arctic Wolf

CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall vulnerability (CVE-2022-1040) and the SonicWall Firewall vulnerability (CVE-2022-22247).

Read Post

Arctic Wolf

Read more about Firewall Inferno - Sophos & SonicWall Vulnerabilities

CVE-2022-23648 - Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Mar 29, 2022 By Leonid Sandler In ARMO

Recently discovered vulnerability - CVE-2022-23648 - in containerd, a popular container runtime, allows especially containers to gain read-only access to files from the host machine. While general container isolation is expected to prevent such access, in Kubernetes, it is especially dangerous because well-known and highly sensitive files are stored in known locations on the host.

Read Post

ARMO

Read more about CVE-2022-23648 - Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Announcing Our Next Cloud-native Integration: Nightfall for Salesforce Enters Active Development

Mar 29, 2022 By Michael Osakwe In Nightfall

At Nightfall, our mission is to discover and secure sensitive data in every cloud application through a cloud-native, accurate, and performant platform. Since 2019, Nightfall has partnered with some of the world’s most innovative organizations to proactively eliminate data security risks across a fleet of SaaS applications via our native integrations for Slack, Atlassian Jira, Confluence, Google Drive, and GitHub.

Read Post

Nightfall

Read more about Announcing Our Next Cloud-native Integration: Nightfall for Salesforce Enters Active Development

Article 28 - General Data Protection Regulation Act

Mar 29, 2022 By Narendra Sahoo In VISTA InfoSec

The General Data Protection Regulation Act (GDPR) requires Data Controllers to establish a written agreement with the Data Processor stating the terms and conditions for the data processing activity. So, before getting into a contract with the Data Processor, a Data Processing Agreement must be signed between both parties regarding the conduct of processing personal data.

Read Post

VISTA InfoSec

Read more about Article 28 - General Data Protection Regulation Act

Cyber Compliance and Data Breach Notifications

Mar 29, 2022 By Rubrik In Rubrik

Ransomware isn’t just an internal threat for your organization, it’s also a global crime, and data breach notifications are governed by various laws, policies, and agencies. Let’s go over some common cyber-compliance questions about ransomware, data breach notification and reporting, and the laws that cover cybercrime.

Read Post