It’s not often we can say this, but 2022 is shaping up to be an exciting time in information governance, especially for those interested in compliance and compliance frameworks. We started the year in eager anticipation of the new version of the international standard for information security management systems, ISO 27001:2022, soon to be followed by version 4.0 of the PCI DSS standard.

Today's enterprise IT teams are well acquainted with the pressures of ensuring network security, while also managing the time it takes to do so. The recent experience of one multinational technology company perfectly illustrates how Networks Query Engine (NQE) can be used to quickly and effectively bolster network security. As with most companies, this company's IT team was asked on a regular basis to locate IP addresses in the network.

While the data breaches that make the headlines often focus on personal data, there’s a lot more at stake if a hacker cracks open the gates. There’s even higher stakes when intellectual property (IP) theft is the goal potentially stripping away an organization’s competitive advantage. It’s not just hackers that are a threat to IP. Employees, contractors and partners all pose a risk to IP from accidental or deliberate data loss.

Ignyte Platform Inc. is proud to announce that the Federal Risk and Authorization Management Program (FedRAMP) has recognized it as a designated third-party assessment organization (3PAO). This designation is over a year in the making after Ignyte announced in May of 2021 that it reached ISO 17020:2012 accreditation. FedRAMP is the United States Federal government’s way of ensuring the cloud-based products and services it uses are secure.

With digitalization and the “upgradation” of technology, e-commerce businesses have managed to gather a huge volume of data. It is the age of the internet of things (IoT) and industry-disrupting technologies like cloud computing, big data, mobile apps, and cloud cybersecurity are now major priorities for businesses. Over the past ten years, malware infections have been on the rise, of which 92% were delivered by email.

In the previous article, we covered the build and test process and why it’s important to use automated scanning tools for security scanning and remediation. The build pipeline compiles the software and packages into an artifact. The artifact is then stored in a repository (called a registry) where it can be retrieved by the release pipeline during the release process.

In our third episode, we speak with Maxime Lamothe-Brassard — CEO and founder of LimaCharlie, a security infrastructure as a service tool that gives security teams full control over how they manage their security infrastructure. Maxime’s unique perspective comes from a career in security, including Canada’s NSA, Arc4dia, and the early days of CrowdStrike and Google Chronicle.

E-commerce companies are among the businesses most at risk for cyberattacks. High-dollar customer purchases combined with easy-to-hack, JavaScript-based websites are a threat actor’s dream come true. Building a solid e-commerce program means taking some time to understand e-commerce website security, including threats and protective measures.

Welcome to another iteration of What’s New in Sysdig in 2022! Before starting, once again Happy Easter, Happy Passover, Happy Rama Navami, and Ramadan Mubarak! In general, happy spring break, and we hope you recovered from the chocolate egg drop.