Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s threat actors often carry out cyber attacks with the primary objective of accessing and exfiltrating sensitive information from your IT environment. Efforts to obtain this “crown jewel” information usually involve complex multi-phase cyber attacks. But another way in which sensitive data ends up in the hands of malicious actors with a lot less effort is when an organization exposes sensitive data assets in a data leak incident.

With flexible work environments now the norm, the use of endpoint devices has increased – whether your organization allows work-from-home days, hires freelancers, and collaborates through email and phone calls. Many employees require access to the corporate network to carry out their daily responsibilities, and endpoint devices allow employees to do just that. That said, endpoints have become one of the biggest attack vectors for cybercriminals since they are easier to target.

If you work in an organization, you’ve probably had to take a cybersecurity training course at some point during your time there. Regardless of whether you work in cybersecurity or not, most of us breeze through the slides or videos, halfway listening to the warnings about spear phishing emails and hacking tactics. We complete the training and then we tuck away the lessons learned until the next year when we have to do it all again.

No security team — at least no effective security team — can operate successfully in a silo. Even expert teams know the value of leveraging the power of the community to build effective security content, share intelligence, and keep current with best practices.

Reduce the time your team spends investigating security issues by using a customizable dashboard that shows your organization’s entire security posture. With the new Sumo Logic and Panther integrations for 1Password, you can monitor potential risks around company data or credentials stored within 1Password.

John Tuckner is a recognized leader in the field of security automation. As Principal Technical Program Manager at Tines, John helps new and existing customers identify more opportunities to leverage the platform, and enables them to build transformative automation workflows to improve their security operations.

From TVs to fridges to energy meters, more and more of the items we use every day are now smart devices. 87% of US households have at least one smart TV, up from 50% in 2014. And with ownership of smart speakers, thermostats, lights, and security systems also on the rise, it’s expected that smart homes will soon become the norm. This ever-expanding network of smart devices is known as the Internet of Things (IoT).

The JFrog Security research team continuously monitors popular open-source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. At times, we notice trends that are worth analyzing and learning from.

In 2022, the buzz phrase of the year has to be “The Great Resignation”. What is it? It’s a term coined to describe the current rise in people leaving their employer to find work elsewhere. But people have always moved on, right? Of course they have. Staff retention rates have always been a target for most HR functions. But something is different in 2022. More people are leaving organisations quicker than they did previously.

I recently wrote a blog post outlining what to do in the first 24 hours after you have been breached, and in my conclusion I mentioned that capturing the incident in a case study could help unlock budget in future. Today, I want to look at this in more detail, and consider the approaches you can take to analyse the cost of a breach in order to make a request for appropriate preventative spend.