Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Has Ransomware Turmoil Started Slowing Down for Good?

On the surface, ransomware – malicious software designed to block access to a computer system until a sum of money is paid – appears to be off to yet another ruthless start in 2023 as one of the leading types of malware. Recent victims of public attacks in North America include industries such as health care, communication, education, and even government offices and municipalities.

What APIs Do and Don't Do

It’s hard to be in the realm of technology and not hear about APIs these days. Whether it’s the launch of the ChatGPT API or news of a significant data breach at Twitter, APIs are having their time in the spotlight. Yet, despite their ubiquity, many still have questions about APIs' capabilities (and limitations). What are APIs for? What do they do? And what are they unable to do in the current era?

What is whaling?

Enhancements to network security within organizations have made it harder for threat actors to penetrate networks and systems. As a result, people have become the primary target for cyberattacks, with email providing the most effective mechanism for launching these attacks. This leads to all employees within an organization being frequently targeted by phishing attacks.

The benefits of Privileged Access Management for compliance and regulation

Privileged Access Management (PAM) is a crucial aspect of any organization's cybersecurity strategy, especially in industries that handle sensitive data, such as health care, finance and government. PAM involves implementing policies, procedures and tools to manage and monitor access to privileged accounts and limit the risk of unauthorized access or misuse. This ensures that only authorized personnel can access critical systems and data, reducing the chances of a security breach.

Better Together: Stopping API Attacks with Salt and AWS WAF

APIs power today’s digital economy and enable organizations to succeed in their business innovation efforts. Because every company’s APIs are unique, so are its security gaps, which bad actors will inevitably try to exploit. Only through rich context and deep behavioral analysis can these attackers be stopped. Many of the APIs that enable today’s applications and business services live and breathe within the Amazon Web Service (AWS) ecosystem.

SIEM vs. MSSP vs. MDR: An Essential Guide

Cybersecurity is a constant journey, always full of fresh challenges. New threats keep popping up. Endpoint-only solutions are ineffective. And the cybersecurity skills shortage makes it difficult to recruit and retain top talent — especially with the increasing salaries required to be competitive. You may consider a security operations center (SOC), until you find out that operating one in-house is prohibitively expensive and time-consuming.

OWASP API Security Top 10 2023 Explained

The Open Web Application Security Project (OWASP) is a non-profit foundation devoted to web application security. One of OWASP's guiding principles is that all of their resources should be freely available and simple to find on their website, enabling anyone to increase the security of their own web applications. They provide forums, tools, videos, and documentation among other things.

The Top Cyber Attacks of May 2023

May often heralds the start of summer — warm weather, long days, and plenty of cybersecurity workers taking much needed time off. Cybercriminals however, are always at their monitors and love to take advantage of times when they know defenses may be down and this month was no different. May saw a wide range of cybercrime, including disruptions of schools and news organizations, a slow-burn in the tech sector, and public negligence from one of the web’s most well-known entities.

ServiceNow and NVIDIA Team Up: What to Know

A couple weeks ago, ServiceNow and NVIDIA announced a groundbreaking partnership to help expand ServiceNow’s generative AI use cases for their customers to strengthen workflow automation and rapidly increase productivity. ServiceNow is also helping NVIDIA streamline its IT operations by using NVIDIA data to customize NVIDIA NeMo foundation models running on hybrid-cloud infrastructure.

Snyk scanning capabilities are now embedded in Jira Software

Today, development is faster than ever. More apps and code are being written than ever before. There are more third-party dependencies in use to speed development, more containerization, and even code that controls the deployment and configuration of apps and the cloud. To ship quickly, developers need to stay on top of security issues. They want to understand how to build secure applications by getting feedback as they work.