Companies have increasingly allowed bring your own device (BYOD) policies to support remote work, but in today’s cybersecurity landscape, this trend has led to an increased attack surface. Each additional endpoint increases the potential for credentials to be compromised through credential phishing attacks. Hackers are leveraging this trend to conduct insider attacks, leaving businesses vulnerable to data breaches.
We are thrilled to announce that CRN has recognized WatchGuard in its first-ever MES Matters list for 2022! This awards program highlights vendors that have proven themselves to be cutting-edge technology providers offering solutions that support the growth and innovation of midmarket organizations. CRN defines the midmarket as an organization with an annual revenue of $50M - $2B, and/or 100 – 2500 total supported users and seats.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Often a target for directory traversal, file packing utilities offer an excellent way to break a system. Sandboxing is a good test first but who regularly does that?
At CrowdStrike, we combine cloud scale with machine learning expertise to improve the efficacy of our machine learning models. One method for achieving that involves scanning massive numbers of files that we may not even have in our sample collections before we release our machine learning models. This prerelease scan allows us to maximize the efficacy of our machine learning models while minimizing negative impact of new or updated model releases.
Firewall logging is an important piece of your advanced security strategy. A firewall is a security system that helps protect your computer or network from unauthorized access. One important function of a firewall is to log information about each connection attempt, including who attempted to connect and when.
As digital transformation continues to take over the world, security increasingly becomes a concern for companies of all sizes. No matter how big of a security team you might have, it is hard to speak a common language between security and development teams on what controls you need during the software development life cycle. To tackle this problem, OWASP has released Application Security Verification Standard towards the end of 2021.
I have always worked in tech, so have always needed to understand the technical nature of the products we are building. This process has always been over-complicated for me so I now always try to write a guide for non-technical people like me. It turns out that once you understand it you can explain it to other non-technical people much easier! So here we go as I try to explain SAML (Security Assertion Markup Language) SSO (single sign-on) and why BoxyHQ makes it so easy to implement.
This article follows my first article in which I explain the basics of SAML from the users' side. If you haven't read that one already I would recommend reading that one first here. In this article, we are going to take a look at what SAML authentication and setup look like from the solution providers' perspective. If you are a B2B solutions provider and you plan to have enterprise customers they will likely ask that your product supports SAML SSO.
In a Kubernetes cluster, Control Plane controls Nodes, Nodes control Pods, Pods control containers, and containers control applications. But what controls the Control Plane? Kubernetes exposes APIs that let you configure the entire Kubernetes cluster management lifecycle. Thus, securing access to the Kubernetes API is one of the most security-sensitive aspects to consider when considering Kubernetes security.
