A couple of weeks ago The Payments Canada SUMMIT gathered more than 2,000 delegates from financial institutions in Canada and around the world for a virtual one-week conference. INETCO was a sponsor of Canada’s premier payments event. Our team participated in industry discussions, met peers, and learned more about future innovation opportunities in the financial ecosystem. 2021 was a record-breaking year for The Payments Canada SUMMIT.

Companies generate data at an exponential rate, and the task of analyzing data to produce relevant security insights can be overwhelming. With evolving market dynamics and threat landscapes, security teams have a greater need for integrated and scalable monitoring that provides real-time and meaningful insights into the state of organizational security posture.

Mobile Application Penetration Testing Methodology as a security testing measure, analyses security perimeters within a mobile environment. Derived from the traditional concept of application security methodology, its main focus lies on client-side security and it broadly puts the end-user in control. By conducting penetration testing, companies can gain insights into the source code’s vulnerabilities, bottlenecks, and attack vectors beforehand.

We’re excited to announce the launch support for AWS CloudFormation in Snyk Infrastructure as Code. In our recent Infrastructure as Code Security Insights report, we found that 36% of survey participants were using AWS CloudFormation (CF) as their primary infrastructure as code tool of choice. Using Snyk Infrastructure as Code, you can now scan your CF YAML or JSON templates against our comprehensive set of AWS security rules.

When it comes to security threats, a few minutes additional response time can make the difference between a minor nuisance and a major problem. Datadog Security Monitoring enables you to easily triage and alert on threats as they occur. In this post, we’ll look at how you can use Datadog’s webhooks integration to automate responses to common threats Datadog might detect across your environments.

We alluded in one of our previous posts that the development team will own a lot of responsibility defining application related resource access control, simply because the dev team owns the infrastructure as code (IaC) responsibility themselves. No matter how security-savvy and security-educated a development team is, the central security team still needs some control, some kind of “trust but verify”.

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls, simplified some working, removed duplicate requirements, and created an abstract for each of the security measures.

For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed the COO of DNSFilter, Jen Ayers to share her insights from the world of cybersecurity including the latest trends she is seeing on the rise and what business leaders need to keep in mind for the rest of 2021.

Use of cyber threat intelligence in a security operations center is an essential part to attain a strong security posture. Therefore, since cyber threat intelligence is that important, understanding the general framework is also vital.