Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Internal vs External Vulnerability Scans: Understanding the Difference

When it comes to establishing a robust mobile application security posture, vulnerability scanning is certainly the go-to option. But given the complex cybersecurity challenges of modern times, it might be complicated and challenging to implement vulnerability scanning properly. According to the 2020 Edgescan Vulnerability Statistics Report, around 35% of the vulnerabilities discovered in external-facing apps were of critical or high risk.

Optimizing Cloud Security Efficacy & Performance Through a Single-Pass Architecture

Cybersecurity has a bad rap for getting in the way of business. Many CIOs & CISOs dedicate a lot of time to minimizing security solutions’ performance drag on their network traffic while ensuring that the solutions continue to do their job keeping the network secure. The move to the cloud exacerbates this challenge.

Featured Post

6 Ways to Support a Remote DevOps Team

Remote working is here to stay, so it's vital that businesses understand how to get the best out of their staff. For some roles, working remotely is easier than others - DevOps employees, for example, can face challenges if they're not fully supported within the organisation. In a distributed workforce, there's a higher risk of security issues and application problems, so it's crucial that organisations support them to keep the organisation running smoothly. Here are 6 ways to do just that.

How Cloud Evangelists Face - and Overcome - Cloud-Computing Security Challenges

This is the third in a series of posts examining the recent Devo research report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, which is based on a survey conducted by Enterprise Strategy Group (ESG). This time, we’ll take a look at the cloud-computing security challenges Cloud Evangelists face. Let’s begin by explaining how we define that group.

Four Steps to Modernizing Government Cybersecurity with Zero Trust based on the Executive Order

The pandemic has accelerated digital transformation and telework on a scale never seen before. Employees are working from anywhere and collaboration in the cloud has skyrocketed. But this new environment has expanded the cyber attack surface, compromising critical U.S. infrastructure and lives of our citizens. The recent slew of major cyber attacks including SolarWinds, Microsoft Exchange and Colonial Pipeline, has moved cybersecurity improvements to the top of the agenda for the U.S.

Secure Coding Practices to Prevent Vulnerabilities in SDLC

Unlocking the Secrets of building a secure app Under 60 Minutes Build a culture of Secure Programming in your engineering team . With the amount of (attempted) security breaches and high paced sprint cycles, securing your mobile applications from day 1 is a driving force to ship applications at speed.

AI everywhere: How AI is being applied in 4 different fields

Image Source: Pexels This blog was written by an independent guest blogger. Historically, the idea of artificial intelligence (AI) saturating our world has been met with suspicion. Indeed, it’s one of the more popular tropes of science fiction — learning machines gain sentience that helps them take over the planet.

Not Laughing: Malicious Office Documents using LoLBins

Attackers have long used phishing emails with malicious Microsoft Office documents, often hosted in popular cloud apps like Box and Amazon S3 to increase the chances of a successful lure. The techniques being used with Office documents are continuing to evolve. In August – September of 2020, we analyzed samples that used advanced techniques like: In January 2021, we examined samples that use obfuscation and embedded XSL scripts to download payloads.