Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Human Resource and Security Teams Should Work Jointly to Reduce the Risk of Cyberattacks

COVID-19 has not only changed the way we live but also forced many changes to standard business processes. This article will explore some challenges around human resource (HR) hiring, offboarding and contracting activities. As companies in multiple jurisdictions continue to look for advice from state and federal authorities on COVID-19 safe work plans, this article offers some security considerations from a physical security as well as cyber security perspective.

Reciprocity and ZenGRC Honored with Industry Accolades for Information Security Risk and Compliance

SAN FRANCISCO – March 10, 2021 – Reciprocity, a leader in information security risk and compliance with its ZenGRC solution, today announces ZenGRC has been named a winner of four 2021 Cybersecurity Excellence Awards. The company was also recognized as a Grand Trophy Winner, the top honor, along with four category awards by the Globee Awards 17th Annual Cyber Security Global Excellence Awards.

VPN and Firewall Log Management

The hybrid workforce is here to stay. With that in mind, you should start putting more robust cybersecurity controls in place to mitigate risk. Virtual private networks (VPNs) help secure data, but they are also challenging to bring into your log monitoring and management strategy. VPN and firewall log management gives real-time visibility into security risks. Many VPN and firewall log monitoring problems are similar to log management in general.

Featured Post

Why cloud native apps need cloud native security

A cloud native approach to infrastructure and application development enables simplification and speed. Many of the traditional tasks involved in managing and deploying server architecture are removed, and high levels of automation deployed, making use of software-driven infrastructure models. Applications can be deployed at scale, be resilient and secure, while also allowing continuous integration technologies to accelerate development and deployment. Cloud approaches are set to dominate the future, most authorities agree: according to Deloitte, for example, global cloud spending will grow seven times faster than overall IT spending until at least 2025.
Featured Post

Security Monitoring and Risk Analysis for Office 365 - A maintainable Journey

The NIST framework tells us that it is crucial to treat security as both an action that is not a singular fix but a chorus of proactive and reactive measures. It also teaches us that it is a continuous journey. In this article, we shall apply these concepts of measures and continuous journeys to some real-world examples. Here we choose Office 365 as, for many organizations, it exposes the dominant risk surface.

Linting Rego with... Rego!

One of my absolute favorite aspects of Open Policy Agent (OPA) is the general purpose nature of the tool. While commonly seen in deployments for Kubernetes admission control or application authorization, the large OPA ecosystem includes integrations with anything from databases, and operating systems to test frameworks and REST clients for most common languages.

10 Kubernetes Security Context settings you should understand

Securely running workloads in Kubernetes can be difficult. Many different settings impact security throughout the Kubernetes API, requiring significant knowledge to implement correctly. One of the most powerful tools Kubernetes provides in this area are the securityContext settings that every Pod and Container manifest can leverage. In this cheatsheet, we will take a look at the various securityContext settings, explore what they mean and how you should use them.

Red Team Assessments - The Fundamentals 1.3

The final part of this mini Red Team blog series discusses the benefits a Red Team Assessment will bring to your organisation. A security test of any sort is ultimately designed to see how your business can mitigate and learn from any issues found. Yes, compliance can come into this and passing and failing a test is a factor but creating a strong infrastructure to protect the business and customer interests is the key factor here.

Forrester TEI study: Sumo Logic's Cloud SIEM delivers 166 percent ROI over 3 years and a payback of less than 3 months

We are seeing a renewed focus on accelerating digital transformation projects across business ecosystems and workflows within our customer base. These projects are enabling key business outcomes and this organizational transformation has given security and IT leaders the catalyst and opportunity to modernize security operations while eliminating on-premises debt.