Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Protecting the Modern Software Factory
In this document, we go beyond classical definitions of DevSecOps to express our vision of an emerging collaboration between Developers, AppSec, and Ops teams: the AppSec Shared Responsibility Model.
Managing risk in the age of data privacy regulation
Protecting data from theft and improper use has long been the domain of cybersecurity and IT executives. But today, this is also a very real concern for the C-suite and, in many cases, the board of directors, all of whom are well aware of the repercussions of a data breach and failing to comply with regulations.
Why a holistic approach to managing risk is key to solving complex IT problems
Cybersecurity and reliability risks cannot be managed by working in silos. The key to solving complex IT operations problems collaboratively is to build a common engineering approach.
The ultimate guide to scaling your compliance program
Do you need to add more security frameworks to your existing compliance program, but don't know where to start? Scaling your compliance program can feel like you're proving your security from scratch. It doesn't have to.
The Complete Guide to MVSP
With security, you can never have too much. MVSP is the latest in security compliance minimalism, created by present-day SaaS companies. MVSP, Minimal Viable Secure Project, is a lightweight security checklist for enterprise-ready products and services. MVSP is not intended to replace long-standing security framework standards like SOC 2, PCI, or NIST.
Getting Ready for NIS2 - Why Identity Security is Key to Preparing for Compliance Updates
In January 2023, EU member states formally enacted a revision of the 2016 Network and Information Systems (NIS) Directive. Conceived in response to several widely publicized and damaging cyberattacks, the NIS2 Directive strengthens security requirements, streamlines reporting obligations and introduces more stringent supervisory measures and stricter enforcement requirements. This paper provides a brief introduction to NIS2 and explains how it might affect your business and how you can prepare.
Securing Non-human Identities and Managing Secrets in Multi-cloud Environments
Cloud migration and digital transformation have led to an explosion of non-human identities that need to be secured across multiple cloud and hybrid environments. And more identities mean more secrets that need to be secured, rotated and managed. That's where SaaS-based secrets management can help. In this eBook, you'll learn about: Want to learn more about SaaS-based secrets management? Schedule a meeting to speak to one of our experts today!
Why an SBOM is Vital to Application Security and Compliance
Attacks targeting the software supply chain are on the rise. Indeed, data from the Mend Open Source Risk Report shows a steady quarterly increase in the number of malicious packages published in 2022, with a significant jump in Q3, which jumped 79 percent from Q2. The European Cybersecurity Agency (ENISA) predicts that supply chain attacks will increase fourfold by 2022.
4 Ways Adversaries Hijack DLLs - and How CrowdStrike Falcon OverWatch Fights Back
Dynamic link library (DLL) hijacking is frequently written about by defenders due to its applications in evading automated detections. This technique is even more frequently used by adversaries in interactive intrusions. Despite the wealth of literature available to increase defenders’ awareness of DLL hijacking, CrowdStrike® Falcon OverWatch™ threat hunters see adversaries gravitate toward this tradecraft time and again to load malicious code.
2022: Zenity's Tale of Diligence and Growth
2022 was a momentous year in many ways. One of the most significant shifts of 2022 is so substantial – and so successful – that many businesses are already taking it for granted. Low-code/no-code (LCNC) is here to stay! As we predicted early this year, 2022 was the year that LCNC became almost taken for granted, a ubiquitous and empowering trend across businesses.