Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2024

Attesting to secure software development practices

It’s been almost three years since President Biden issued Executive Order 14028, and while we’ve heard vendors talk about “compliance with EO 14028” for about that long, the reality is that industry hasn’t had anything to comply with—until now. On March 11, CISA published the Secure Software Development Attestation Form as part of its obligations under OMB memo M-22-18 and the successor OMB memo M-23-16.

archTIS Recognized as a 2024 Microsoft Security Excellence Awards Finalist for Compliance & Privacy Trailblazer

archTIS is pleased to announce it is a Compliance & Privacy Trailblazer award finalist in the 2024 Microsoft Security Excellence Awards. The company was honored among a global field of industry leaders that demonstrated success across the security landscape during the past 12 months. We are extremely proud to be recognized as a finalist for the Compliance and Privacy Trailblazer award for the second year in a row.

Local Insights: Navigating the Web With Indian Proxies

Sites and services in India can be difficult to access from outside because of the requirement for connections to originate from within the country. Although teleportation is not yet a reality, Indian proxies provide another means of circumventing geographically imposed limitations.

Nightfall AI Transforms Enterprise DLP with AI-Native Platform

Nightfall AI today unveiled new capabilities to transform data security for the modern enterprise. The industry's first generative AI (GenAI) DLP platform now offers coverage for SaaS Security Posture Management (SSPM), data encryption, data exfiltration prevention and sensitive data protection. These products expand the company's existing suite of data leak prevention (DLP) solutions for protecting data at rest and in use across SaaS applications, GenAI tools, email and endpoints.

Why Your Current Anti-Bot System Might be Failing

Anti-bot solutions have been around for a long time. Firewalls and WAFs are used by all kinds of businesses to protect their online assets from malicious bots. But as bots become more sophisticated and bot traffic volumes increase, many of these measures have become outdated and ineffective. If your anti-bot system isn’t performing, it could open your site to serious data breaches and other threats like credential stuffing attacks and online fraud.

Essential Cybersecurity Topics

The importance of security awareness: It’s well worth taking the time to craft a meaningful and engaging security awareness program. By presenting the right mix of information to your users in a compelling way, you can empower them to help you improve your organization’s security posture as well as create a more robust security culture overall. The cybersecurity topics that you include in your program should be relevant to your business and industry, of course.

Open Bullet 2: The New Tool for Credential Stuffing Attacks

Cybercriminals are always on the lookout for vulnerabilities to exploit and steal sensitive information. One such threat is credential stuffing, a type of cyberattack that can cause significant damage to both individuals and businesses. Credential stuffing is a cyberattack that involves the use of stolen account credentials to gain unauthorized access to user accounts on other systems.

Detecting New Domains in Splunk (Finding New Evil)

In this installment of Hunting with Splunk we’re showing you how to detect suspicious and potentially malicious network traffic to “new” domains. First, let’s delve into what we mean by “new” domains and why you should make a habit of detecting this activity in the first place. (Part of our Threat Hunting with Splunk series, this article was originally written by Andrew Dauria. We've updated it recently to maximize your value.)

OneLogin Alternatives: Comparing JumpCloud vs. OneLogin

Assigning users to the right devices, applications, networks, VPNs, and files is a critical part of every company’s IT workflow. Get it wrong, and you’ve instantly tarnished a new hire’s experience — or worse, opened the door to security and compliance violations. With so much riding on this one component of IT or MSP work, organizations of any size need to be judicious about the identity and access management (IAM) tools they select.

Frost & Sullivan: Trustwave MDR Growth Will Exceed Industry Average

The security analyst firm Frost & Sullivan positioned Trustwave as a leader and top innovator in its research on the MDR market landscape, noting its innovative, industry-leading cloud-native Fusion platform provides visibility into cloud, network, endpoint, OT, and email environments, while its Managed Detection and Response solution will spur faster-than-average industry revenue growth.

The 443 Podcast, Ep. 282 - A Wild Month in Ransomware

This week on #the443podcast, we’re joined by Ryan Estes, a member of WatchGuard’s Zero-Trust Application Service classification team and resident ransomware expert, to discuss the wild month in ransomware news. We start the episode with a story about a fake ransom operator who scammed cybercriminals out of tens of thousands of dollars before discussing two major Ransomware-as-a-Service operators that have had a rough couple of weeks.