There’s a glimmer of good news amid the ever-evolving IT threat landscape – although it’s come about as a result of worrying illegal activity. Even though recent changes to data privacy laws have placed consumers in control of their personal information, the Federal Trade Commission (FTC) has found that some apps are, in fact, collecting data they don’t need.

In the past, cybersecurity has often been seen as disconnected from the rest of the IT team, as well as from an enterprise’s core business activities. Security professionals in some organisations have been left to operate in their own organisational structures, defining and enforcing policies with little interaction with other departments.

Open Policy Agent, or OPA, has emerged as an industry standard for cloud-native authorization and policy as code. From 2018 to now, it has grown from being a Cloud Native Computing Foundation (CNCF) sandbox project into a fully mature, graduated CNCF project, deployed by many of the largest organizations in the world. (For just the tip of the iceberg, here is a list of users who have made their adoption of OPA public).

This is the first Feature Byte in the AIOps series. The idea of the Feature Byte series is to talk about key operational tasks and processes in AIOps, and how CloudFabrix Data-Centric AIOps platform features help implement such tasks. Look for more such feature bytes over the next few weeks.

Snyk security researchers continually monitor open source ecosystems for malicious packages, utilizing static analysis techniques to identify and flag suspicious packages. Each malicious package is identified upon publication to the package manager and swiftly added to the Snyk Vulnerability Database. During recent research, the team found 12 unique pieces of malware belonging to the same actor.

Deploying security automation is hard if the criteria for success is beyond the scope of ticketing workflow. But the barrier of automation deployment has never been lower with the advent of so many Security Orchestration, Automation, and Response (SOAR) platforms now available to select from in the market and how attractive purchasing automation in a box (or in the cloud) is.

Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security professionals have often turned to more data sources and adding more security monitoring tools in their operations, both in the pursuit of maximizing their attack surface visibility and reducing time to detect and respond to threats.

Stop me if you’ve heard this one: “we’re finding it really difficult to fill cyber roles.” In recent years, cyber-attacks have transcended industries and demographics — as has the need for strong, proactive cybersecurity. In the modern cyber landscape, everyone is a target, and every business needs to defend themselves against cyber threats. That means more organizations are on the lookout for security professionals.

In the event of a cyber attack, how confident are you that your Azure SQL data is safe and recoverable? As a commitment to cyber-proofing the cloud, we’re pleased to introduce new security enhancements to our previously-announced Azure SQL protection. Now, businesses and government agencies can further minimize the risk of data loss in Azure SQL databases and Managed Instances.

Let us start by defining Penetration Testing as a Service (also known as PTaaS) because there are several different definitions and variations being used throughout the industry. Some of the similarities include: This is where AT&T starts to differentiate itself from competitors. This next part we believe to be critical: There is a misconception about Penetration Testing as a Service, that it devalues the quality of testing.