Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Enterprise Account Executive Chris Gowans helps potential customers understand how they can scale more effectively and efficiently with our no-code automation platform. Chris ensures every impression counts, from gathering information on discovery calls to closing deals and shaping creative customer-facing efforts! Read on to learn more about his day-to-day at Tines.

SecurityScorecard (SSC) has identified a DDoS attack which targeted the websites of the Finnish Ministry of Foreign Affairs and Ministry of Defense. SSC discovered more than 350 bots, mainly located in Bangladesh and African countries, which are now considered to be part of the Zhadnost botnet, previously discovered by SSC in March.

Nearly every day, it seems like you’re reading about another data breach in the news. Between ransomware attacks and nation-state actors, you can’t rely on the old “trust but verify” adage anymore. Cyber resilience isn’t about preventing all threats, it’s about creating a security program that allows you to identify, investigate, contain, and mitigate threats quickly and effectively.

I have been waiting to publish a post with this title for a long time. With 1Password 8 for Linux and Windows out in the world – and the Mac version in beta – many folks have justifiably been asking, “but what about iOS? When do I get to see that?”

Styra Academy, our online training portal for free courses on OPA, Rego, and Styra Declarative Authorization Service, has a new course available - Microservice Authorization! Before diving in, let’s get a better understanding of microservices and some of the authorization challenges developers need to consider. Microservices are everywhere — and securing them presents a unique set of challenges.

Automation is a key component of DevSecOps because it increases efficiency. Automating work in your software development lifecycle helps you integrate multiple tools into your workflow. It also lets developers, maintainers, and security champions focus on coming up with creative solutions for tough problems, rather than spending time on tedious manual tasks.

On Monday, April 11, 2022, NGINX published a security blog post detailing three vulnerabilities in the NGINX LDAP reference implementation. NGINX is web server software that also performs reverse proxy, load balancing, email proxy, and HTTP cache services. No CVE has been assigned to these vulnerabilities at this time. The reference implementation uses Lightweight Directory Access Protocol (LDAP) to authenticate users of NGINX proxied applications.