Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk’s Chief Architect, Josh Stella, recently hosted a webinar about cloud security. Stella was the co-founder and CEO of Fugue, a cloud security and compliance company that was acquired by Snyk. With the capabilities of Fugue, Snyk will bring its developer-first security platform into the cloud security space. During this talk, Stella discussed the missing story in every cloud breach: the tale of how, when, and where attackers operate in the cloud.

As organisations speed up their cloud migration strategies, security remains a prime concern. Despite the adoption of various security solutions on cloud computing platforms, we continue to see detrimental data losses and cybersecurity breaches being reported. The consequences of such an event range from financial losses and fines, to reputational damages which lead to a loss of market share.

On the latest episode of the Security Soapbox podcast, I spoke with Ramy Houssaini, Chief Cyber and Technology Risk Officer at BNP Paribas, about the challenges Chief Information Security Officers (CISOs) face in an increasingly complex digital landscape. Change happens quickly in the cloud, and many organizations are faced with the issue of evolving their security strategy at the same pace. This ends up leaving sensitive apps and data vulnerable to cyberattacks.

Cyberattacks targeting university and government healthcare facilities are on the rise. In the first four months of 2021, the U.S. Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center tracked a total of 82 ransomware incidents targeting the healthcare sector, with nearly 60% of them affecting the U.S. market. The impact has been devastating.

Have you been worried about whether your deployment is secure? Are you tired of keeping track of all security vulnerabilities and vendor-provided patches to ensure that your exposure to such vulnerabilities is minimized? What about making sure that the certificates for your hundreds of forwarders, indexers, search heads and other Splunk connectors are not expired? You’re not alone!

SAST is one of the matured security testing methods. In the SAST, the source code is examined from the inside out while components are in a static position. It performs scanning in-house code and design to identify flaws that are reflective of weaknesses, and that could invite security vulnerabilities. The scans performed by SAST tools are dependent upon prior identification of rules that specify coding errors to examine and address.

While the Internet of Things (IoT) can provide helpful insights, it can also introduce a host of new security vulnerabilities into your organization. Without a clear understanding of the importance of IoT security, your organization will continue to introduce new vulnerabilities without even realizing it. Let’s take a closer look at how IoT security is important and the best practices your organization can use to improve the overall security of your organization.