Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

Discover what CIEM Security is and how easy it is to implement with Sysdig Secure for cloud. Over-permissioned accounts and roles is the most common cloud service misconfiguration security problem. Implementing least privilege is a crucial best practice to avoid or mitigate risks of data breaches and contain privilege escalation and lateral movement.

Snyk Code has had a tremendous 2021. It started the year supporting three languages — Java, JavaScript, and TypeScript — and has since added Python, C#, PHP, Ruby, and Go. More languages and features are on the horizon, and in this article, we’re happy to announce the addition of Swift and Salesforce’s Apex support, as well as API and GraphQL security. Let’s get into it!

This August we commissioned a survey of over 1,400 senior IT decision-makers and business executives in the US, UK, and Canada. Our initial publication of the findings dug deep into their thoughts and attitudes on many issues, including nation-state attacks and hybrid work. In addition, however, our survey featured several questions on cyber insurance. So in this article, we’ll provide the cyber insurance insights shared by the survey respondents.

Sumo Logic is constantly improving our Cloud SIEM solution to meet the needs and demands of our current and future customers and help them modernize their security operations. Via our cloud-native platform, our engineers perform continuous delivery of product features and improvements to all Cloud SIEM customers—simultaneously—several times each week.

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really thought about. This control serves as a reminder that this technology is as critical as it ever was and lays out the minimum requirements for ensuring your malware defenses are up to the task.

Proper implementation of a user and entity behavior analytics (UEBA) tool can solve lots of cybersecurity challenges by detecting well-hidden and slowly executed attacks, automating the analysis of alerts and logs, and speeding up incident investigation. It can even help you improve employee productivity. But implementing a UEBA solution also requires a lot of time and effort along with a clear understanding of how you are going to use it.

A successful breach can do serious damage to a business, costing a company millions of dollars in lost revenue, exposed intellectual property, downtime, reputation loss and fines. The right practices can help keep a company safe — but only if they know what threats to look for, and where their network is weakest. Cyber threat intelligence is the process through which companies identify weaknesses in their own networks.

Scraper bots make up the worst of bad bot traffic for the travel industry, with sites witnessing over 90% of traffic attributed to fare scraping. Whilst this activity can be benign or even used for positive means, if uncontrolled it can impact top line revenue, bottom line profits and customer experience.

While organisations frequently focus their security strategy on external risks, the trend of company employees being targeted by threat actors to help provide access is on the rise. In this blog post, we explore the growing issue, outline some recent examples and provide some key steps to take in response.