Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As container adoption in AWS takes off, ECR scanning is the first step towards delivering continuous security and compliance. You need to ensure you are scanning your images pulled from AWS ECR for both vulnerabilities and misconfigurations so that you don’t push applications running on AWS that are exploitable.

Cloud teams are increasingly adopting AWS container services to deliver applications faster at scale. Along with the roll out of cloud native architectures with containers and orchestration, what’s needed to stay on top of the security, performance and health of applications and infrastructure has shifted. At Sysdig, we’ve worked with Amazon to provide tools and integrations that help secure your Cloud Native workloads deployed across all AWS container services.

Formulating an IT security risk assessment methodology is a key part of building a robust information security risk management program. The two most popular types of risk assessment methodologies used by assessors are: A risk assessment is a process that aims to identify cybersecurity risks, their sources and how to mitigate them to an acceptable level of risk.

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts. According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.

The end of November is a busy time in the United States. On Thanksgiving, friends and family gather together to give thanks for good food and good company. Once they’ve put away the leftovers, many Americans don their coats and head to the malls for Black Friday. The official start to the Christmas shopping season, Black Friday is exciting because many retailers announce limited-time sales that promise huge savings to die-hard consumers.

On November 21st, NCR issued a security alert for a new form of Transaction Reversal Fraud (TRF) occurring in the UK, typically between 10 PM and midnight on any given day. Contrary to previously reported TRF attacks in which cash is pried from the dispenser after a payment reversal is initiated due to the jamming of the card reader, this new method does not require any interaction with the card reader or the use of modified cards.

Last year Detectify announced that we were AWS Technology Partners which meant that getting started with Detectify was made easier. This year we are thrilled to announce the release of a connector between AWS Route 53 to Detectify.

A vendor risk management questionnaire (also known as a third-party risk assessment questionnaire or vendor risk assessment questionnaire) is designed to help your organization identify potential weaknesses among your third-party vendors and partners that could result in a data breach, data leak or other type of cyber attack.

Traditional IT organisations have seen significant gains in adopting Platform as a Service (PaaS) solutions. In this blog post, the second in a series looking at the ways to adapt your security operations to reflect the new technologies of cloud solutions, we’re going to look at what you should consider when implementing your security controls for a PaaS environment.