How to

Store API keys and other secrets securely in python using env variables

In this Tech Tip Tuesday video we share how to securely store secrets like API keys or other credentials in environment variables. To do this we use the python dotenv project to store secrets in a .env file and load them into local memory. Subscribe for more tech tips, on Tuesdays and other days.

Cyber Essentials or Cyber Essentials Plus? Which do you need? | Product Explainer

Cyber Essentials is worth getting. You probably know this already, but what about Cyber Essentials Plus? Which one do you need, which one should you get, which one's better? If these are questions you have, then boy do we have the video for you.

How to Conduct a Diary Study to Uncover User Needs with Rubrik User Researcher Jenny Li

How well would you say you know your users? Are you a designer, product manager, startup founder or anyone looking to better understand the needs of their target audience and wondering whether a diary study is the right methodology for your discovery research project? Look no more! Jenny Li's talk will help you understand how to conduct a diary study, what you need to plan for, and what you'll get out of it.

Fast food restaurants hacked simultaneously - Breach breakdown

The video based on this article discusses a cybersecurity researcher's experience in uncovering a major security flaw in an AI-based hiring system called Chattr.ai, which provides services to numerous fast-food chains and hourly employers across the United States, including popular names like Applebees, Arbys, Chickfila, Dunkin, IHOP, KFC, Shoneys, Subway, Tacobell, Target, and Wendys. The researcher's investigation was triggered by their suspicion that many startups using Firebase, particularly those with the .ai top-level domain, may have exposed credentials.

How to Use: MITRE ATT&CK Detection Maturity Assessment Tool

Bharath Kashyap helped create a lightweight, programmatic approach to performing a maturity assessment using free MITRE tools (like ATT&CK framework, D3FEND, and MITRE Centre for Threat Informed Defense (CTID)) to provide a starting point for you to understand your organization’s coverage against the framework, identify areas for improvement and prioritize them for implementation. In this video, Bharath walks through a few ways to make the assessment tool work for your organization.

How to Easily Generate An Accurate Software Bill of Materials (SBOM) with Black Duck | Synopsys

Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain. Watch the video to streamline your SBOM generation process and take control of your software supply chain.