Mobile Endpoint Security (not just management) for State and Local Government
Webinar for State and Local Government that covers strategies for Mobile Endpoint Security
Active Directory Certificate Services: Risky Settings and How to Remediate Them
Active Directory Certificate Services has been around for a long time, but resources for learning it are not great. As a result, it often has misconfigurations that are an increasing vector for attacks. In fact, SpecterOps released a whitepaper detailing a number of misconfigurations and potential attacks and providing hardening advice.
Joint PCI security and CSA guidance on scoping cloud environments
As organizations move their infrastructure to the cloud, payment data are being exposed unknowingly leading to high profile data breaches. Find out how the new guidance from PCI Security Standards Council (PCI SSC) and Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.
Avant secures information in SaaS environments with Nightfall DLP
When Avant added cloud DLP to their organization with Nightfall, they added benefits like proving the value of data visibility to their systems & promoting a stronger security culture in the company.
Introducing Zero Trust Data Management
With Zero Trust Data Management™, you can now turn major attacks into recoverable events. Zero Trust Data Management is the idea that no one is trustworthy - not users, endpoints, or applications.
Compliance & securing PHI is easy for Capital Rx with Nightfall DLP
Capital Rx requires oversight into their SaaS systems for compliance requirements and reducing PHI data risk. Nightfall AI brings it all together in one platform.
Vulnerability Management: Process, Life Cycle, and Best Practices
Vulnerability management is a full-time occupation. This cybersecurity function is iterative and involves constant monitoring, documentation, and review. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall . Here’s how vulnerability management works, the ins and outs of the vulnerability management life cycle, and best practices to implement at your organization.
PRISM attacks fly under the radar
AT&T Alien Labs has recently discovered a cluster of Linux ELF executables that have low or zero anti-virus detections in VirusTotal, though our internal threat analysis systems have flagged them as malicious. Upon inspection of the samples, Alien Labs has identified them as modifications of the open-source PRISM backdoor used by multiple threat actors in various campaigns.
A Comprehensive Approach to DAST
In the modern DevOps framework, the security has shifted to the left and Application Security Testing (AST) techniques like DAST have become even more important. The latest Forrester reports indicate that application weaknesses and software vulnerabilities are the most common attack methods, and businesses fall victim to ransomware every 11 seconds. Further, modern-day businesses are consistently grappling with fast-paced development and industry disruptions.
Frontline privacy observations from deploying the EU's new SCCs
Our Data Privacy Services team collates the most interesting practical ramifications from implementing the new SCCs with our GDPR services customers. In our latest update of the Data Privacy Periodic Table , we included reference to the EU’s June 2021 release of substantially updated Standard Contractual Clauses (SCCs), triggered by 2020’s Schrems II ruling. The new, far more substantial SCCs have been largely welcomed.