This is the second in a series of blogs that describes the importance and inner workings of conducting Red and Purple Team exercises. Part 1 of this blog series gave an overview of how to properly conduct these drills. This blog examines the role Purple Teams play in an effective security testing strategy.

I am pleased to share the exciting news that TA Associates (“TA”), a leading global growth equity firm, has signed an agreement to make a strategic growth investment in Veracode, taking a majority equity position in the business. Thoma Bravo will also continue to be an investor alongside TA. This new partnership is forming at a critical moment in the evolution of the software security market.

For security and DevOps teams, staying a step ahead of the competition comes down to staying in lockstep with each other. Whether that competition takes the form of a threat actor lurking on a network or a rival company taking new products to market, collaboration can help security and DevOps teams better protect their organizations and develop innovative technology solutions.

Many industrial security professionals lack visibility into their organizations’ assets and processes. This includes Industrial Internet of Things (IIoT) devices as well as industrial organizations’ supply chains. Back in March 2021, Tripwire announced the results of a survey in which 99% of security professionals said that they had experienced challenges securing their organizations’ IoT and IIoT devices.

Privileged account exploitation remains at the core of targeted cyber attacks. An insight into some of the most high-profile breaches reveals a highly predictable pattern. Attackers are capable of crashing through hijack credentials, network perimeter, and utilize the same for moving laterally across the entire network. They also undertake additional credentials and enhance privileges towards achieving their goals.

Our new command-line tool makes authorizing with services and securing your development toolchains easier than ever.

The new currency in the digital age is personally identifiable information (PII). Information about who we are, what we like, how we act, where we go and why we do things is a valuable resource which organizations use to sell to us more effectively. Users rightly expect businesses to take proper care of this information, because in the wrong hands, it can be used to harm the user.

Since joining a restaurant chain more than three years ago, this Chief Information Security Officer (CISO) has been a driving force behind its ability to stay ahead of the security curve. Here, they share why they’re focusing on securing third-party access, customer identity and access management, security awareness training, software assurance, and situational awareness and response for the foreseeable future.

AEC firms have always looked for tools that give them a competitive advantage, but today’s technological advancements have pushed many of them into uncharted territory. Companies that long concerned themselves with the physical are now adapting to the digital, and they’re struggling to manage all the new software, the flood of data, and the rising threat of cyber attacks.

The cybersecurity landscape is shifting because it has to. The breadth of challenges facing defenders is vast and we are constantly reminded about how unpredictable security can be with zero-days such as the recent Log4Shell vulnerability. New tools and a community-based approach offer a way forward in the face of overwhelming complexity.