We’re happy to announce that Tigera recently achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes the security capabilities of Tigera’s Calico Cloud platform in helping customers secure their AWS workloads and achieve their cloud security goals. To receive the designation, AWS Partners must possess deep AWS expertise and deliver solutions seamlessly on AWS.

Managed detection and response providers (MDRs) are at an inflection point. They previously relied on legacy SOAR to secure their customers. But SOAR solutions struggle to keep up with the evolving and maturing threat landscape, and were not designed to scale into cloud environments. As a way to break free from SOAR’s shortcomings, MDRs are turning to hyperautomation.

Snyk provides a comprehensive approach to developer security by securing critical components of the software supply chain, application security posture management (ASPM), AI-generated code, and more. We recognize the increasing risk of exposed secrets in the cloud, so we’ve tapped Nightfall AI to provide a critical feature for developer security: advanced secrets scanning.

In the world of software development, managing dependencies is a core part of creating strong and secure applications. Spring Boot, a favorite among Java developers, makes building applications easier, but there's more to it than meets the eye. Keeping your dependencies in check is crucial to ensure that your Spring Boot projects run smoothly and remain resilient in the face of ever-evolving threats.

Your developer teams plan to adopt a generative AI coding tool, but you — a security leader — have compliance and security concerns. Most important of which being, what if you can’t keep pace with your developers and something significant slips through the net? Luckily, you can stay secure while developing at the speed of AI with Snyk, the security companion for Amazon CodeWhisperer.

Environmental, social, and governance (ESG) is a framework that holistically assesses the sustainability of a business or investment. Investment groups, business continuity planners, enterprise risk management personnel, and third-party risk management (TPRM) programs utilize ESG to manage sustainability risks.

Email spoofing is a type of cyber threat where a cybercriminal sends emails to potential victims using fake sender addresses. Email spoofing works by forging a sender address to make it seem as though it’s coming from a legitimate person or company. Email spoofing is a tactic typically used by cybercriminals when carrying out phishing attacks to encourage their targeted victim to send them sensitive information.

The Trustwave SpiderLabs team's recent in-depth look at the threats facing the retail landscape has uncovered a wide array of adversaries actively attacking this sector along with their tried-and-true methods of gaining access, moving laterally, and finally exfiltrating valuable data. This information is thoroughly detailed in the Trustwave Threat Intelligence Briefing: The 2023 Retail Services Sector Threat Landscape.

There’s been a “precipitous rise” in QR code phishing campaigns in 2023, according to Matthew Tyson at CSO. “For the attacker, QR codes bring a number of benefits, including some appreciated by legitimate businesses: they are easy to create and easy to use,” Tyson writes.

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach. Normally when there’s a press release from an organization hit by a data breach, there are at least a few details that let customers know the company has a handle on what transpired, that the breach has been mitigated, and what customers impacted should do to protect themselves.