Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you’re a growing start up, chances are you’ll need to demonstrate trust to your customers. To ensure you have strong data protection measures in place and a robust security posture, they’ll often ask to review either your ISO 27001 certification or your SOC 2 report. For a while, you may get by by filling out their lengthy security questionnaires, but eventually you’ll need to get your ISO 27001 or SOC 2, depending on your product, industry, and region.

We are thrilled to announce that Snyk has been acknowledged as a key player in the evolving landscape of application security. The recent release of Snowflake's Next Generation of Cybersecurity Applications report has designated Snyk as an Emerging Segment Leader in Application Security, highlighting our commitment to innovation and excellence in the field.

Software liability is an increasingly important area for every software development company and team. At its core, software liability is about protecting users from damages caused by software issues. As more software is in use than ever before, there’s a lot of ways that software — and its manufacturers — could be held responsible for certain actions or inactions. Indeed, even the rise of cyber insecurity globally could fall into this murky area.

There’s no single perfect, one-size-fits-all SOC model. Leaders are still unsure whether to bring the SOC in-house, get it outsourced, or do a mix of these two approaches (the so-called hybrid SOC). How do you choose? Investing now in the right model (with adaptability and portability as key considerations) might not be glamorous, but it will set you up for success in the future.

Today, data privacy is the new strategic priority for many companies. Prioritizing data privacy boils down to two key drivers: Indeed, the awareness piece has grown significantly, both leading to and because of stringent data privacy regulations, including GDPR and CCPA, the California Consumer Privacy Act. (First time on Splunk.com? You might see a pop-up banner specifically for you to opt in or out.) So, let’s take a look at the concept of data privacy and what’s behind it.

Guest post originally published on Kubescape’s blog by Oshrat Nir, Developer Advocate at ARMO and a Kubescape contributer.

Industry analysts Piper Sandler do a yearly 'Industry Note' where they survey CIOs about their next year budget expectations. For 2024 there is a noticeable improvement regarding enterprise IT spending. The header of their survey was: "2024 CIO Survey | Investments in Security, AI, and Cloud Driving IT Rebound". Here is the summary of the full report which is a good read and warmly recommended.

December 7, 2023 - The Wall Street Journal has an interesting perspective on K-12 Public schools suffering ransomware attacks. The number doubles between 2021 and 2022 to almost 2,000 a year. Here are a few paragraphs with a link to the full article: "Hacks are on the rise across all industries, but the public sector’s weak protections make it an increasingly attractive target for cybercriminals.

Security analysts at identity vendor Sumsub are seeing a massive rise in the use of deepfake fraud in their Identity Fraud Report 2023. And one country may be to blame. While Sumsub’s focus is more around all forms of identity security, it's witnessing a significant increase in deepfakes, as deepfakes are a form of identity fraud. According to Sumsub, the top three fraud trends identified were: The approximate overall growth rate worldwide for the use of deepfakes is 10x.

The US Justice Department has indicted two individuals for launching spear phishing attacks against the US, the UK, Ukraine and various NATO member countries on behalf of the Russian government. “The indictment…alleges the conspiracy targeted current and former employees of the U.S.