FedRAMP is the Federal Risk and Authorization Management Program, and it’s one of the common security frameworks used by the government, its agencies, and the contractors that work with it. However, it’s not solely restricted to the government: FedRAMP can be used in the private sector just as well. The question is, how does it work if you want to do so, do you need to follow it, and what are the benefits of doing so?

ISO standards may not always jump out as the most exciting of topics for dinner party conversation, but their growing importance in business cannot be denied. And this year it is well worth us talking about ISO 27001:2022 specifically (though perhaps not over dinner). It is expected that as many as 90,000* organisations might renew their certification or gain it for the very first time this year. The auditors will be busy!

You know us: Every month we’re cooking up something new! Here are the latest updates to hit TrustCloud this month. TrustShare Import your knowledge base without going through the questionnaire import process. Now you can import your knowledge base in one click without having to wait. Importing your knowledge base also won’t impact your total questionnaire usage counts, which will make it easier to keep track of your total questionnaire usage.

Cato XDR breaks the mold: Now, one platform tackles both security threats and network issues for true SASE convergence.

Keeper Security has been featured by Okta, an access management leader in the Gartner Magic Quadrant, as the seventh fastest-growing application by number of customers in the company’s 2024 Businesses at Work report. This is the second time Keeper has been listed as one of the fastest growing apps on Okta’s annual report, reinforcing the Keeper’s mission to provide organizations of all sizes with an easy-to-use security solution that has simple integrations and fast time to value.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Social engineering attacks can be very effective and good that someone spotted one but unfortunately for them persistence scored in the end.

Visma selects Aikido security, entrusting them to deliver software security to their portfolio of 170+ companies. Securing software is vitally important to Visma, whose operations deliver software to dynamic SMEs, powerhouse corporations, and key public institutions worldwide. Together, Visma and Aikido are not just participating in the future of application security; they are creating it.

As per Statista, mobile apps are estimated to generate over $935 billion in revenue in 2024, which includes: This means businesses must prioritize mobile app testing and security posture to safeguard users' personal and financial information from security breaches. For successful mobile app testing, your team must test the app through numerous operating system versions, network bandwidths, screen resolutions, and devices—to ensure the app performs seamlessly across devices.

Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.

DevSecOps is a collaborative practice that incorporates security into the development and delivery of software. DevSecOps encourages a culture where security, development, and operations teams collaborate closely; this collaboration ensures that security considerations are understood and implemented by everyone involved in the software development lifecycle.