Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Defending against the cyber pandemic demands holistic security and intelligent DevSecOps

Learn how Synopsys AppSec tools and services can help your organization deliver a holistic security approach to address rising cyber threats. Not only has the number of cyber attacks increased dramatically in 2020, but the ingenuity and scale of the attacks has also jumped way off the charts. The SolarWinds attack was “the largest and most sophisticated attack the world has ever seen” with the number of software engineers working on these attacks estimated to be over 1,000.

What is Endpoint Security?

In enterprise networks, endpoint devices refer to end-user devices such as laptops, servers, desktops, Internet of Things (IoT) devices, and mobile devices. Such devices enable users to access the corporate network, and are therefore indispensable for day-to-day operations. Endpoints also, however, expand a company’s attack surface, since each one can be exploited by malicious threat actors to launch cyberattacks via ransomware, phishing emails, social engineering, and so forth.

Network segmentation: Importance & Best Practices

Traditional and typical cyber security techniques usually fail to meet the security requirements of today’s corporate industries and businesses. As the digital world has revolutionized, so are cyber security threats and risks. It has become more difficult to rely on a single security solution or a single line of defence.

What is Privilege Escalation?

Privilege escalation is the exploitation of a programming error, vulnerability, design flaw, configuration oversight or access control in an operating system or application to gain unauthorized access to resources that are usually restricted from the application or user. This results in the application or user having more privileges than intended by the developer or system administrator, allowing attackers to gain access to sensitive data, install malware and launch other cyber attacks.

Using Threat Modeling to Boost Your Incident Response Strategy

Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed. Threat modeling has a two-way relationship with incident response.

Five worthy reads: Differential privacy-what it means for businesses

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we explore one of the evolving privacy-enhancing techniques called differential privacy and how it’s being leveraged by organizations to safeguard sensitive data from being exposed. Cutting-edge technologies based on artificial intelligence and machine learning have been gaining traction in recent years.

Data protection and the Age-Appropriate Design Code

A 2019 report by Ofcom shows that 50% of ten-year olds own mobile phones. While viewing of video-on-demand (with YouTube as firm favourite), has doubled in the last five years among children. Platforms like TikTok are rapidly growing in popularity. Sadly, more and more children are being exposed to hateful, violent and disturbing contents on these platforms.

Impact of modern ransomware on manufacturing networks

Manufacturing facilities employ assembly lines, material handling systems, motors, and furnaces that all require big physical machines. Innovative trends in the manufacturing industry and the advancement of operational technology have also meant introducing computers across operation and production systems.

What Makes Teleport a Great Place to Work

August has been a great month for Teleport. Our Series B round of funding , led by Kleiner Perkins, plus the arrival of secure MongoDB access with Teleport 7.0 is cause enough for celebration. In addition, Teleport has been officially Certified™ by Great Place to Work ®. This prestigious certification is based entirely on feedback from current employees; this year, an incredible 100% of our team members told us we are a great place to work.

What is ISO/IEC 27001? A Clear and Concise Explanation for 2021

ISO/IEC 27001 is the leading international standard for regulating data security through a code of practice for information security management. Its creation was a joint effort of two prominent international standard bodies - the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC). This is why the standard is formally prepended with ISO/IEC, though "IEC" is commonly left to simplify referencing.