The attack surface is inevitably going to grow. That’s why we believe it’s crucial for customers to not only know what assets they are exposing online, but knowing to what extent assets are exposed on their attack surface. Previously, it wasn’t possible to filter the attack surface view by state (you can read more about state here). This limitation made it difficult to assess some Internet-facing assets, such as those that were resolving DNS records with no reachable IPs.

As artificial intelligence (AI) becomes more and more prevalent in society, it is also making its way into the world of cyber security. AI can be used in a number of ways to help improve cyber security, including by automatically detecting and responding to threats, improving network efficiency, and helping to identify vulnerabilities. In this blog post, we will discuss some of the ways that AI is changing cyber security and how it can help your business stay safe online.

In cybersecurity, there has been a shift to adopt more software development principles in order to create security solutions quickly and reliably. Utilization of tools like Git and Continuous Integration/Continuous Deployment (CICD) pipelines have become more common to achieve reliable deployments. At Tines, while we strive to make automation accessible to anyone without development skills, our platform is also highly flexible to accommodate developer-centric uses.

Evidence is the currency cyber defenders use to pay down security debt, balancing the value equation between adversaries and the enterprise. Defenders can use evidence proactively, identifying and protecting structural risks within our zone of control. Evidence can also be used reactively by supporting detection (re)engineering, response, and recovery activities, guiding us back to identifying and protecting structural risks.

As the leading customer relationship management platform, Salesforce is an excellent target for hackers looking to make a buck and steal sensitive data from all types of businesses. Recognizing this, Salesforce issued a requirement that takes effect on February 1, 2022, mandating all customers use MFA to access Salesforce products.

Each month we highlight research from the Black Duck Security Research team in Belfast. This month’s vulnerability followed an unusual path through more than half a decade.

Black Basta is a relatively new family of ransomware, first discovered in April 2022. Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations – first exfiltrating data from targeted companies, and then encrypting files on the firm’s computer systems. Victims have reportedly been hit in countries around the world including the United States, UK, India, Canada, Australia, New Zealand, and UAE.

Thanks to social media, online publications, and 24-hour news channels, we’ve never been more hooked into the news cycle. Whether you want to see them or not, the headlines are never far from your eyes and ears. Cybercriminals can weaponize this to their advantage and tailor their phishing attacks to coincide with topical news stories.

This is the second part of a four-part blog series covering each of the four phases of the merger & acquisition (M&A) process and how you can build security into each phase. In case you missed it, Part 1 covered why it’s important to integrate security into the due diligence process in the first phase of M&A.

Why settle for less! The challenge of manually dealing with self-hosting a product like Velero or Kasten on dozens of clusters and multiple clouds, and then trying to migrate data across different accounts and even different clouds is very different from dealing with a single cluster and a single cloud environment. CloudCasa provides a guided workflow for cross-account and cross-cluster Kubernetes restores in Amazon EKS from an intuitive GUI.