Over the past two years that we have lived with the pandemic, the world has changed dramatically. Those changes provided financial criminals with great opportunities to take advantage of many businesses when they were at their most vulnerable, trying to adjust to a new reality. Remote working environments, the ongoing digitization of services, COVID-19 restrictions – all have contributed to the development of new cyber threats and techniques.

We’re almost two months from the disclosure of Log4Shell, and we here at Snyk couldn’t be more excited with the role we’ve gotten to play in finding and fixing this critical vulnerability that’s impacted so many Java shops. For starters, we’ve been able to help our customers remediate Log4Shell 100x faster than the industry average! How have we been able to achieve that?

Securing modern-day production systems is expensive and complex. Teams often need to implement extensive measures, such as secure coding practices, security testing, periodic vulnerability scans and penetration tests, and protections at the network edge. Even when organizations have the resources to deploy these solutions, they still struggle to keep pace with software teams, especially as they accelerate their release cycles and migrate to distributed systems and microservices.

The combination of poor cybersecurity practices, sensitive data storage, and a desperation to preserve business continuity at all costs, makes the healthcare industry a prime target for cybercriminals - an inevitability that was further exacerbated by the pandemic. To support the relevance of healthcare cybersecurity programs within the current cyberattack climate, the 4 biggest cybersecurity challenges in the healthcare industry are listed below.

The impact of AI on cybersecurity continues to be a hot topic of discussion within the information security industry. Cyber-threats are rapidly increasing in volume. In part, this is because the attack surface for cybercriminals is huge, and it continues to grow and evolve at a lightning pace. Every year billions of cyber-attacks are launched with a wide variety of motives, and new threats with more sophisticated tactics or methods are trialed to bypass existing security systems.

As enterprises continue to undergo digital transformation, rapidly delivering secure software has become a necessity. Essential to this goal is the ability to measure and manage application risk across a large number of projects and development teams. In this post, we’ll cover two insightful talks from SnykCon 2021 about risk management and measuring key risk indicators for enterprise applications.

At Teleport, we advocate SSH certificates over SSH keys and passwords as the best authentication method for SSH. Nothing beats the security and operational flexibility of using certificate-based authentication for a large fleet of SSH servers running on dynamic infrastructure. But in practice, certificate-based authentication is far from the de facto authentication method, and sometimes we may need to use SSH keys.