Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The loss of data in any form is detrimental to an organization’s growth. However, the loss of IP in the form of CAD files perhaps is tantamount to ringing the death knell. In the world of manufacturing and high-tech companies the most critical IP, such as details of either mature products or yet-to-be patented prototypes, is represented as constructional drawings typically stored as CAD files. Consider, for example, the case of Apple losing its IP.

When you browse the web, use social media, or shop online, you probably don’t think about how your personal information is being safeguarded. However, with so many cyberattacks hitting the news on a frequent basis, this is something that should concern you. You see, hackers can gain access to your personal information if it isn’t properly encrypted and safeguarded. Thankfully, cryptography is here to save the day.

Before we delve into the reasons behind Optus breach, let’s see the chronology of events. According to various reports, Optus customer data was accessed via an API interface that was not secure. Apart from unauthenticated API, there was another serious issue related to easily enumerated ID’s (identifiers). These are foundational controls that were found lacking in the API implementation..

File Integrity Monitoring, aka as FIM, is a must-have feature for anyone in charge of security. With FIM, one can detect when a critical file, such as a file that belongs to the Operating System, or a key configuration file, is changed. In most cases, configuring FIM is straightforward: If the file changes then generate an alert.

Scanning a container image for vulnerabilities or misconfigurations on your GitLab CI/CD using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner with GitLab CI/CD. Although possible, this procedure is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

In support of the Executive Order on Improving the Nation’s Cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) recently published a Binding Operational Directive (BOD) 23-01, designed to improve cybersecurity for the Federal Civilian Executive Branch (FCEB) enterprise and their respective unclassified assets.

Since its inception almost a decade ago and the MirrorBlast campaign, the threat actor group known as TA505 has continued to plague the financial, retail and restaurant sectors.

In today's digital age, a business website is essential for success. Not only does it provide potential customers with information about your products or services, but it also allows you to connect and engage with them directly. However, simply having a website is not enough. To ensure that your site is effective and safe, you need to make sure that it has all the necessary security features. In this article, we will discuss twelve security features that every business website must have.