SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in real-world environments.

Happy International Dog Day! This official holiday celebrates our furry friends and the joy they bring to our lives! Today is particularly special for all of us at Snyk because of our four-legged mascot, Patch the Doberman. But what exactly does a dog have to do with application security? Here at Snyk, we see the idea of a “guard dog” protecting someone’s home as similar to how AppSec solutions can protect today’s development practices.

You can mitigate the risk of ransomware attacks by regularly backing up your data, updating your device with the latest software, implementing least-privilege access, using a business password manager and educating employees about security awareness, among other things. Ransomware attacks occur when organizations are prevented from accessing files and data until they’ve paid a ransom to the cybercriminal who infected their devices with malware.

Cybercrime is as lucrative as ever, generating millions in illicit revenues for threat actors. Between 2021 and 2023, global data breaches rose by 72%, breaking all previous records. Meanwhile, data breach costs continue to rise. The average cost of an enterprise data breach in 2024 is $4.88 million — another all-time high. This puts managed service providers (MSPs) in a tight position. Cyber liability insurance can help reduce exposure to steep losses associated with cyberattacks.

Cybercrime is a major concern for individuals, businesses, and governments alike. As technology advances, so do the tactics and sophistication of those who seek to exploit it for nefarious purposes. Data shows that, on average, a cyber attack occurs every 39 seconds, affecting one in three Americans annually.

In November 2023, Datadog announced the launch of Security Inbox, a solution that equips security and engineering teams with valuable insights for mitigating security risks. Security Inbox takes the guesswork out of addressing the most pressing security risks by automatically organizing them into an actionable list for remediation. As of today, Security Inbox has already served thousands of security and engineering teams, giving them the right context at the right time for protecting their environments.

Formjacking is a cyberattack where attackers inject malicious JavaScript code into webpages containing form fields, usually on login pages or payment forms. The objective is to steal sensitive information, such as credit card details, passwords, and other personal data, directly from users as they enter it into the compromised forms. Formjacking attack occurs entirely on the client side—within the user’s browser—making it particularly challenging to detect.

Aner Izraeli is the Chief Information Security Officer (CISO) at Torq. He leads Torq’s cybersecurity strategy with a focus on innovation and resilience. Aner’s career spans over two decades in the cybersecurity field, where he has consistently demonstrated expertise in SIEM/SOC, incident response, and network security.

Australian and New Zealand financial service institutions (FSIs) are facing pressure to innovate quickly while maintaining robust security and regulatory compliance. Many, like ANZ Bank and Commonwealth Bank, are exploring Generative AI to accelerate software development, but is it a silver bullet?