Ransomware protection in the open: Advancing efficacy through community collaboration

Free and open access is one of the core principles upon which Elastic was originally built and continues to operate. Our products are free to use, and much of our code is accessible in public source code repositories. In recent years, this commitment to transparency and availability has extended to our security offerings.

When software isn't a "supply"

I was inspired to write this after reading a post from Thomas Depierre on Mastodon. The post touched on something that’s been troubling me recently. When it comes to software security, we spend a lot of time talking about the software supply chain and related concepts, such as the software bill of materials (SBOM). This metaphor comes from an industrial lexicon. People who are used to talking about economies and how manufacturing works are familiar with the idea of a supply chain.

The dangers of setattr: Avoiding Mass Assignment vulnerabilities in Python

Mass assignment, also known as autobinding or object injection, is a category of vulnerabilities that occur when user input is bound to variables or objects within a program. Mass assignment vulnerabilities are often the result of an attacker adding unexpected fields to an object to manipulate the logic of a program.

Hello CISO - Episode 8: Common Sense Security Policies and Bullshit Ones

The best policies for security aren’t always the policies that end up in the company security manual. Why? In this episode, Troy explores the difference between good security policies and CYA security policies… and how to close the gap between the two. Hello CISO is a collaboration between Troy Hunt and the people who build the world's most trusted enterprise password manager. To learn more, visit 1Password.com/business, and don’t forget to subscribe to be notified of new episodes.

iOS 2FA Setup for Websites and Apps

For added security on supported websites and apps, use Keeper to store two-factor authentication codes. When setting up 2FA on a site or app, Keeper for iOS can serve as your time-based one-time password or “TOTP” generator. This video will review how users can easily add a two-factor verification setup code or secret key from a website or app to a new or existing Keeper record.

Initial Configuration Steps

Info-Stealers Are on the Rise: A Look into Stealerium

Info-stealers are malicious software designed to extract sensitive information, such as passwords, from victim systems. Info-stealers have become one of the most discussed malware types in cybercriminal underground forums. Let’s see how info-stealers have evolved recently to become the threat that they are. Then, we’ll look at a specific stealer freely available as open-source that could be used in future attacks.