In the fast-paced, large-scale world of digital business, establishing and managing an acceptable risk tolerance related to user identities — both human and machine — is a critical element of organizational security. At the forefront of this challenge is the need to strike the right balance between ensuring robust security and maintaining an environment that doesn’t impede innovation. After all, identities are the new perimeter in the cloud.

Google Workspace is a popular suite of cloud-based productivity and collaboration tools that enables users to create, co-edit, and share documents, spreadsheets, presentations, and more. While Google Workspace has many benefits, more than the platform is needed to meet the needs of businesses looking for more control, security, and governance over their critical content. They need a partner solution that integrates seamlessly with Google and prioritizes secure content collaboration - in comes Egnyte.

This is the second instalment of a two-part blog post. The blogs are based on one of our “AppSec Talk” YouTube videos, featuring Kondukto Security Advisor Ben Strozykowski and Rami McCarthy, a seasoned security engineer with experience at Figma and Cedar Cares. In that video, Ben and Rami delved into the critical role developers play in the security program and the application security lifecycle.

Analyst reports aim to provide market insights. But when it comes to Human Risk Management (HRM), we’ve noticed that they often fall short of capturing the full picture. You already know that we are the undisputed leader in the essential areas that have been standard features in the security awareness market for years. Those capabilities are why we’ve become the largest vendor in the space. But for years now we have exceeded just those standard features.

A deepfake is a form of media, such as a photo or video, generated by Artificial Intelligence (AI) to depict real or non-existent people performing actions they never did. AI manipulates a picture, video or voice recording to analyze a person’s characteristics and then blends those characteristics with existing footage using unique algorithms.

Consider a modern software application as a constellation of cities that dot the landscape. These cities are components such as databases, authentication services, business logic engines, and more. Requests travel between components carrying data just as citizens travel between cities carrying their belongings. The highways that connect the cities on this map are your APIs. Cities get the most attention, often receiving the security and protection they need.

Since the technological “birth” of Artificial Intelligence and ChatGPT, many people are wondering what on earth they would do without AI in their lives. Since July 2024 ChatGPT has had 200 million weekly active users worldwide and attracted nearly 2.5 billion site visitors. However, ChatGPT is not the only AI out there.

If you give attackers an inch, they will take a mile. That’s essentially what happens when there are minor flaws in your web applications – these flaws leave one inch of your system’s doors open. Before you know it, sophisticated threats like directory traversal come crawling. Currently, there are 55 different directory traversal vulnerabilities in CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Cybersecurity experts are beginning to notice a recurring pattern: many companies that fall victim to ransomware attacks first experience infections from infostealers. These malicious tools are designed to siphon sensitive information from systems, but they might also serve as an early warning for defenders, providing the opportunity to act before a full-scale ransomware attack occurs.

Penetration testing, dynamic application security testing (DAST), and attack surface management (ASM) are all strategies designed to manage an organization’s digital attack surface. However, while each aids in identifying and closing vulnerabilities, they have significant differences and play complementary roles within a corporate cybersecurity strategy. Let’s take a quick look at the definition of each of these strategies.