Let’s take a trip — back about eight years — when a Gartner analyst coined the term endpoint detection and response (EDR). He was describing security systems that both detect and investigate suspicious activities on computers and other devices and use automation to help security operations center (SOC) teams quickly identify and respond to threats. Since then, EDR has become a critical component of a modern security stack for organizations of all sizes.

In this blog post, we outline past and present threats to the Olympic Games and the steps that organisations can take to reduce the risks. With more than 11,000 athletes and 206 countries and states taking part, the delayed Tokyo 2020 Olympic Games are currently being watched around the world. This level of visibility makes the Games a target for those seeking to cause politically-motivated harm, enrich themselves, boost their profile or undermine the host nation on an international stage.

In this episode of AppSec Decoded, we discuss the impact of the new executive order by the Biden administration on organizations working with the government. The past year has led many people and organizations to depend more on technology, completely changing the way they operate. With the increased dependency of technology, it should come as no surprise that the number of breaches and security risks have increased as well.

Software package repositories are becoming a popular target for supply chain attacks. Recently, there has been news about malware attacks on popular repositories like npm, PyPI, and RubyGems. Developers are blindly trusting repositories and installing packages from these sources, assuming they are secure.

When it comes to cybercrime, cybercriminals are constantly changing their tactics. Think back to 10 years ago; malware sites — malicious sites that attempt to install malware on a device – were a common attack vector. At the same time, sophisticated ransomware attacks on organizations were rare. Often, ransomware was used to target individuals, sometimes blackmailing them for having been on unsavory sites and asking for a few hundred dollars in ransom.

Modern technologies and work flexibilities, such as cloud computing, work-from-anywhere, remote employees connecting to the internal network, and so on, enhance the organizations' operation and provide ease of management. Consequently, they impact the organizations' security controls and introduce additional attack surfaces or opportunities for intruders to attack. This situation demands security analysts to adopt modern attack surface management techniques and technologies.

We are excited to announce the availability of Social Trends, adding social media intelligence (SOCMINT) to Snyk’s vulnerability data to help development and security teams prioritize vulnerabilities more effectively. Given the size of vulnerability backlogs facing organizations today, finding and fixing security vulnerabilities in a timely manner is a monumental task. There simply are not enough hands on deck to triage and tackle all the vulnerabilities on the list.

Web applications and hosted software make up the largest attack surface for modern tech organizations. The most common web vulnerabilities being exploited go beyond the OWASP Top 10 list. At Detectify, we work in close collaboration with an invite-only community called Detectify Crowdsource to get the latest vulnerability research into the hands of security defenders. Besides knowing the vulnerabilities, you need the know how on how to mitigate them.

Earlier this year, Gartner published its latest research on the Security Orchestration, Automation and Response (SOAR) market in a report entitled, “Is Your Organization Mature Enough for SOAR?”. We’ve been talking to clients about this very subject and agree with Gartner that SOAR tools can increase SecOps efficiency and consistency, provided organizations have laid the proper groundwork.

In any case, by using the MITRE ATT&CK framework to model and implement your cloud IaaS security, you will have a head start on any compliance standard since it guides your cybersecurity and risk teams to follow the best security practices. As it does for all platforms and environments, MITRE came up with an IaaS Matrix to map the specific Tactics, Techniques, and Procedures (TTPs) that advanced threat actors could possibly use in their attacks on Cloud environments.