Triage is just as important to security teams as it is to hospital workers. Now, you can prioritize and remediate web application vulnerabilities even faster with tags and findings in one view for Detectify Deep Scan and Asset Monitoring. For the past couple of months, one of Detectify’s product teams has been working relentlessly on improving how customers consume security vulnerability findings.

If 2020 taught us anything, it’s to expect the unexpected. While there don’t seem to be enough words to cover the changes that we all did our best to adjust to, we are more than happy to give you our rundown of the top 10 open source vulnerabilities in 2020.

If you have used Open Policy Agent (OPA), you must have used OPA Playground to write and test out your Rego policies. I always wished for a feature where the policies in the playground can be directly applied in OPA. Basically, a control plane which allows policy authoring and enforcement easily. In KubeCon NA 2020, Styra (creators of OPA) launched a free edition of their Declarative Authorisation Service (DAS).

Life for university students has changed massively during the coronavirus pandemic, as it has for all of us. While some in-person lectures and seminars are still taking place, there has been a big shift to remote learning. This has, perhaps understandably, led to concerns about how well students are engaging with this way of studying. Many universities have sought to address this by turning to remote monitoring tools to track students’ online activities.

At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.

Technology plays a crucial role in the operation of today’s healthcare service organization. Many hospitals are increasing use of modern technologies like mobile computing and cloud services to improve care delivery, resulting in far-reaching impact for doctors and administrators. At the same time, the current COVID-19 pandemic has disrupted almost every aspect of life. The situation has accelerated the adoption of virtual care to stay relevant during the pandemic.

CVE-2020-28052 is an authentication bypass vulnerability discovered in Bouncy Castle’s OpenBSDBcrypt class. It allows attackers to bypass password checks.

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).

Employee Monitoring is the process of tracking employee activities such as app use, internet browsing, email communications, file transfers etc. An employee monitoring solution allows a business to keep an eye on its users so that they cannot put the organization in harm’s way intentionally or accidentally by leaking sensitive data, sabotage, fraud, theft or other miscreants.

SAN FRANCISCO – December 16, 2020 – Reciprocity, the company behind ZenGRC, the industry-leading information security risk and compliance solution, today announced ZenGRC has earned two badges on the G2 Winter 2020 Grid Report. This marks the 15th consecutive quarter ZenGRC has been recognized by G2 in its quarterly report. G2 is a peer-to-peer business solutions review website, leveraging customer feedback to rank the best business software and services.