Being in cybersecurity line of business and being aware of the issues faced by multiple small to mid-sized businesses, we often come across various jargon which may be unclear to some. One of the most common questions for SMEs is should they focus on cloud security or network security. It is hard for SMEs to prioritise their security budget and find affordability with security. To make an informed decision, it’s important to understand the options.

The General Data Protection Regulation (GDPR) set a huge precedent in modern digital privacy regulation. We've seen regions throughout the world adopt similar data protection laws in the time since its inception, and the financial liabilities are only part of the story. Customers and users of software products are now savvier than ever when it comes to understanding the importance of data privacy rights.

In their debut LP, Q: Are We Not Men? A: We Are Devo!, the band introduces their defining theme that mankind’s evolution has reached the point—devolved to the point, actually—that we are converging on sameness… emotionless and robotic. This notion informed everything from the way Devo dressed (awesome!), to the music they wrote, to the way they performed. What does the band Devo’s theme of devolution have to do with me joining a software company of the same name?

Redscan’s 2021 Ethical Hacking Roundtable event explored critical vulnerabilities and other key issues facing security teams. The roundtable panel featured George Glass, Head of Threat Intelligence at Redscan, Tom Tervoort, who discovered and disclosed Zerologon, Dr Elizabeth Bruton, Curator of Technology and Engineering at the Science Museum and Dinis Cruz, CTO and CISO of Glasswall and OWASP Project Lead. Key insights from the panel included.

As government agencies accelerate migrating their operations to the cloud, they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) provides the standard that these agencies—and their private-sector partners—must meet to work and manage federal data safely in the cloud.

JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over it, and applets that could give you your local weather forecast or tell you which web browser you’re using.

A SaaS start-up can only go so far before it’s time to consider certifications and compliance standards for advancement. But let’s make it clear that at Detectify, we don’t see compliance as security. If you’re stuck in between the two right now, here’s our use case for getting ISO 27001 certification and how we made it work for Detectify, a SaaS-based web application security scale-up that has its fair share of passionate security defenders aboard!

Like most people, I am not at all sad to see 2020 go. It introduced unique pressures that challenged all of us in different ways. As snykers, I believe we have emerged stronger. Throughout the year, our global team—alongside our partners and customers—reached so many impressive milestones, made that much sweeter due to the headwinds we all faced in achieving them. Ending the fiscal year, Snyk: Yes—two acquisitions.

The management consulting firm Korn Ferry recently surveyed professionals about what they were most looking forward to when they return to the office, and more than 20 percent of them said “nothing.” (No kidding.) Some 64 percent of respondents are cited as saying that they’re more productive at home. (Not surprised.)

The gold standard for creating an application security (AppSec) program is – and always will be – to follow best practices. By following preestablished and proven methods, you can ensure that you are maximizing the benefits of your AppSec program. Unfortunately, time, budget, culture, expertise, and executive buy-in often restrict organizations from following best practices. But that doesn’t mean that you can’t create an impactful AppSec program.