%term

How to Build a Startup Security Team: Advice from Security Experts

Aug 12, 2021 By Rosalind Lutsky In Teleport

With the rise of security threats comes an increased need for strong security measures, but it’s hard to know where to invest your time and money, especially if you’re a small startup. Who should own security when you first get started? Is it worth it to hire a Chief Security Officer (CSO) right away? Is it better to build out an internal security team or hire an external agency instead?

Read Post

Teleport

Read more about How to Build a Startup Security Team: Advice from Security Experts

Detecting and Investigating Threats in Splunk Security Analytics for AWS

Aug 12, 2021 By Splunk In Splunk

View Video

Splunk

Read more about Detecting and Investigating Threats in Splunk Security Analytics for AWS

How Pipeline Owners and Operators Can Fulfill the TSA's Second Security Directive

Aug 12, 2021 By Alex Bagwell In Tripwire

Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware attack that affected the Colonial Pipeline Company back in May to the TSA and the Cybersecurity & Infrastructure Security Agency (CISA).

Read Post

Tripwire

Read more about How Pipeline Owners and Operators Can Fulfill the TSA's Second Security Directive

Securing IoMT devices to protect the future of Healthcare from rising attacks

Aug 12, 2021 By Theodoros Karasavvas In AT&T Cybersecurity

The number of cybersecurity incidents reported within the healthcare industry has been steadily increasing since 2015 as the use of IoMT has become more widespread. With increasing numbers of IoMT devices being used for patient care, the attack surface among hospitals and doctors’ offices has grown dramatically as medical technology continues to expand.

Read Post

AT&T Cybersecurity

Read more about Securing IoMT devices to protect the future of Healthcare from rising attacks

Establish robust threat intelligence with Elastic Security

Aug 12, 2021 By Haran Kumar In Elastic

As a powerful search engine, Elasticsearch provides various ways to collect and enrich data with threat intel feeds, while the Elastic Security detection engine helps security analysts to detect alerts with threat indicator matching. In this blog post, we’ll provide an introduction to threat intelligence and demonstrate how Elastic Security can help organizations establish robust cyber threat intelligence (CTI) capabilities.

Read Post

Elastic

Read more about Establish robust threat intelligence with Elastic Security

Midway Swiss Case Study: Journey towards CMMC Compliance with Ignyte

Aug 12, 2021 By Ignyte In Ignyte

This webinar is designed for Small & Midsize Businesses that work as federal prime or subcontractors. Our guest, Jayme Rahz, CEO at Midway Swiss Turn, represents a local manufacturer that has recently undergone a series of guided steps with Ignyte’s team and implemented over a hundred vital controls into their cybersecurity routine to become NIST and CMMC compliant and be able to conduct a self-assessment for the NIST 800-171 SPRS submission.

View Video

Ignyte

Read more about Midway Swiss Case Study: Journey towards CMMC Compliance with Ignyte

Speed up container fixes with Snyk's new automated parent image detection

Aug 12, 2021 By Jim Armstrong In Snyk

Shipping your apps in containers gives you the freedom to build upon the work of others. You can pick from a variety of ready-to-use container images that will run nearly any code or framework you have. Snyk Container already helps users manage their parent images and provide guidance when there are better options available — images with few vulnerabilities, or a smaller footprint overall, or both.

Read Post

Snyk

Read more about Speed up container fixes with Snyk's new automated parent image detection

What does it take to build a successful SOC?

Aug 12, 2021 By The Redscan Team In Redscan

Modern, effective cyber security demands a strategic combination of technology, intelligence and human expertise. A Security Operations Centre (SOC) is an effective way to strike this balance, providing the right level of support required to prevent, detect and respond to threats 24/7.

Read Post

Redscan

Read more about What does it take to build a successful SOC?

New Phishing Attacks Exploiting OAuth Authentication Flows (Part 3)

Aug 12, 2021 By Jenko Hwong In Netskope

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. In Part 1 of this series, we provided an overview of OAuth 2.0 and two of its authorization flows, the authorization code grant and the device authorization grant. In Part 2 of this series, we described how a phishing attack could be carried out by exploiting the device authorization grant flow.

Read Post

Netskope

Read more about New Phishing Attacks Exploiting OAuth Authentication Flows (Part 3)

Industry Experts Weigh In: Addressing Digital Native Security Challenges

Aug 12, 2021 By Ayala Goldstein In Mend

Keeping up with today’s rapidly evolving threat landscape is an ongoing journey for software development enterprises in cloud-native environments, as many struggle to keep their assets and customers secure while keeping up with the competitive pace of software delivery in cloud native environments. Earlier this summer WhiteSource hosted a roundtable discussion with HackerOne, AWS, and IGT about the new security challenges enterprises face as they shift to a digital native environment.

Read Post