Sharing Activeboards
In Devo’s role-based security scheme, shared Activeboards are domain resources that can be assigned to selected roles with permissions for viewing and managing them.
Unveil hidden malicious processes with Falco in cloud-native environments
Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.
OWASP Top 10 API security vulnerabilities | API security risks
OWASP API security top 10 is an API security project that focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs). Through community-led projects globally, it is a great source for tools, resources, education & training for developers and technologists to secure the web and mobile applications. This community has also produced some of the best testing guides, cheat sheets, methodologies and a lot of community work for which all of us are grateful.
Tackling the Insider Threat: The Path to Mitigation
Learn the basics of the insider threats: what are insider threats? Where do they come from? What are progressive mitigation methods for active threat prevention?
Netacea's Bot Mitigation Now Available on Salesforce Commerce Cloud
Manchester, 25th March 2021 – Netacea, a bot detection and mitigation specialist, has made its services available through Salesforce Commerce Cloud. Users of the SaaS eCommerce platform will be able to quickly integrate Netacea’s technology and protect against malicious bots. Commerce Cloud is Salesforce’s platform for B2B and B2C commerce, empowering brands to create enhanced shopping experiences across all channels.
Assessing the cybersecurity landscape
In the latest installment of the ManageEngine Insights' podcast, enterprise analyst John Donegan sits down with Andy Bates, the executive director of the Global Cyber Alliance. An expert in the field of cybersecurity, Bates discusses current IT security trends, attack vectors, crime deterrents, and other emerging issues, such as biometrics and blockchain technologies. Bates also addresses user psychology as it relates to IT security, as well as some of the silver linings of the COVID pandemic.
Data Privacy Update: Virginia Consumer Data Protection Act (VCDPA) in global context
And so it continues. Last month, Virginia passed its own privacy law, the Virginia Consumer Data Protection Act (VCDPA), adding fuel to the fire over a US federal privacy law, and introducing new complexities for businesses operating in or addressing the US market. It will take effect on January 1, 2023 (the same day as California’s CPRA which amends the current CCPA) and was passed in record-breaking time: less than two months, and by an overwhelming majority.
DevSecOps and the Cloud: How Leaning on Your Cloud Provider Can Help You Shift Left
Over the past several years, an increasing amount of organizations have been moving their applications from on-premises to cloud-hosted platforms. And with the current pandemic forcing most businesses to adopt a fully remote work environment, the cloud is even more appealing. Gartner reported that cloud spend rose by double digits in 2020, and it’s expected to continue to grow by 18.4 percent in 2021.
What is a Data Protection Officer (DPO)?
A data protection officer (DPO) is an employee or contractor hired to oversee a company’s data protection strategy and ensure compliance with the General Data Protection Regulation (GDPR). The role was introduced in 2018 to promote compliance with the new laws governing how the personal data of EU citizens is handled. All public authorities are required to appoint a data protection officer to comply with GDPR.
What is the Principle of Least Privilege?
Here is a simple illustration of how the principle of least privilege works. Remember when you installed Whatsapp? You most likely got a prompt asking you to click “Allow” so the app could access your media, run in the background, or manage contacts. In that instance, you were extending privileged access to the application, so it runs effectively for you.