Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Public or Private Cloud: Choices to Consider
Organizations are progressively moving towards a predominantly cloud-based computing environment. What this means is that essentially all of their back-end infrastructure, systems, and client-facing applications can be accessed and distributed through the cloud. Modern cloud computing goes a step further than simply being present in a virtual environment.
What is Microsoft EV Code Signing Certificate?
Developing an application is not a cakewalk. A lot goes into making sure that the development of the app occurs without any complications. From the development to the testing of the app, every process must be conducted with utmost precision to beat any risks of inaccuracy. That is why a developer must be confident about creating an application that is successful. However, that is not the only consideration to make.
Panel: Access at Scale
Moderated by Ben Arent, DevRel Manager at Teleport. Panelists: Joseph Conti, Production Engineer at Jump Trading Group; Chris Spann, Production Engineer.
What Is MAS TRM?
All financial institutions operating in Singapore are required to comply with the MAS TRM guidelines in order to operate legally. In order to ensure the safety of their operations, customers, as well as the wider financial system, financial institutions are required to conduct regular risk assessments and implement appropriate risk management measures.
Democratized Breach Damage: The Economics Behind Ransomware
In this video, we explore the economics behind ransomware and how it has been democratized through the use of cryptocurrencies like Bitcoin. While the recent breach affecting multiple companies is concerning, the real interesting aspect is the commercial, professional cybercrime as a service economy that has emerged as a result. We discuss how the ability to monetize ransomware has led to its rise and how alternative forms of payment like Amazon vouchers were previously used before the widespread adoption of cryptocurrencies. It's not just about the technology aspect - the economics behind ransomware are equally fascinating.
The Big Fix. OWASP TOP 10 Snyk Learn Path (Cryptography & Outdated Components)
OWASP stands for Open Web Application Security Project. This non-profit foundation works to improve software security. They have published a top 10 list that acts as an awareness document for developers. It represents a broad consensus about the most critical security risks. Our goal at Snyk Learn is to educate developers and one way we do that is by covering the OWASP top 10 list.
What is Slowloris DDoS Attack and How Does it Work?
Slowloris is a type of DDoS (Distributed Denial of Service) attack that exploits web servers to handle incoming connections. In a Slowloris attack, the attacker sends many HTTP requests to the target web server, but unlike a regular DDoS attack, the requests are sent slowly over a long period of time. The attack sends incomplete HTTP requests to keep the connections open for as long as possible. The attacker then mimics this pattern by sending many incomplete requests to the server.
7 Battle-Tested Tips for Using a DAST Scanner
While modern web applications are growing in complexity, the threat landscape is also constantly evolving. It can be difficult for developers to identify and remediate vulnerabilities in their code, especially if they need more expertise in security. As a result, manual application security testing has become ever more challenging and intricate.
Why You Shouldn't Turn Off 2FA
You shouldn’t turn off your Two-Factor Authentication (2FA) because it removes the extra layer of security it adds to your account, making it easier for cybercriminals to compromise it. Keep on reading to learn why 2FA should be left enabled for your online accounts and why it should be added to your accounts if it isn’t already.
Cybersecurity Insights from The World Economic Forum in Davos: Part II
On the final day of the World Economic Forum, we shared SecurityScorecard’s five key cybersecurity insights based on the discussions that dominated our time in Davos, Switzerland. Several weeks later, after gathering our thoughts from everything we saw, heard, and contributed to in Davos, we’d like to expand on our cybersecurity perspectives from the Forum and provide five additional insights.