Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Biggest Cyber Attacks of 2020 & What We Can Learn From Them

There’s no doubt that the internet has made almost every element of our lives easier. Virtually everything now has an online presence, from multi-national social media goliaths to your local bakery. Though this has its advantages, it also creates risk. Convenience comes at a cost, and all too often consumers and businesses alike don’t pay enough attention to cyber security until it’s too late.

The Importance Of Security Logs For GDPR Compliance

GDPR enforcement (and therefore fines) has been on the rise recently. And after the initial “compliance on paper” that many consultants offered, it’s time to address the cybersecurity aspects underlying GDPR. We have previously addressed the logging requirements of GDPR and now we are going to review the “why” in addition to the “what”.

Using SIEM for Regulatory Compliance: Importance, Best Practices, Use Cases

Why is SIEM Important for Regulatory Compliance? A security information and event management (SIEM) system can improve the security of your business’ computer network with real-time automation, monitoring, logging and event alerts. By leveraging SIEM Software, your security team is able to track events concerning your company’s information security, such as potential data breaches, helping you to react in a timely manner.

Weekly Cyber Security News 05/02/2021

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Most of us after almost a year of regular lock-downs are experiencing cabin fever. In some cases it erupts in quite interesting ways – such as this one. I very much doubt it is a hacker, most likely an employee trying to release ‘tension’.

AppSec Bites Part 2: Top 3 Things to Consider When Maturing Your AppSec Programs

When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product Management at ThreadFix, share the top 3 things they’ve learned from organizations that have successfully matured and scaled their AppSec programs.

Part One: The Rise of Scalper Bots

Scalper bots are designed to automatically purchase online goods. Generally, they do this by adding a product to a cart and completing the checkout process far faster than any human could hope to do so. They exploit vulnerabilities in websites to purchase goods before they are even listed as available to the usual human users of a website. Those using scalper bots have a huge advantage over non-bot users when it comes to purchasing limited-quantity items.

Consistency, Efficiency And Security: Three Priorities For The 'Anywhere Workforce' In 2021

The efficacy of remote work has been debated for decades. Now, as companies begin pursuing a post-Covid-19 reality, the debate is finally settled. According to some of the most prominent companies in Silicon Valley, including Google, Facebook, Twitter and Apple, the answer is a hybrid model. Rather than being dogmatic and dichotomous about workplace arrangements, these companies find value in a hybrid model that includes a flexible mix of on-site and remote teams.

Intrusion Prevention Systems explained: what is an IPS?

The goal of every cybersecurity strategy is to stop cyberthreats before they have a material impact. This has resulted in many organizations seeking to be more proactive in their response to potential threats by employing solutions to detect and prevent specific types of cyberattacks by monitoring for the earliest indicators of attacks found within network traffic.

Rooting out the cybersecurity risk in your CI/CD pipeline

When it comes to productivity, agility, and efficiency - continuous integration/continuous delivery (CI/CD) pipelines are great. When it comes to ensuring cybersecurity, they leave a lot to be desired. In fact, and especially given the popularity of CI/CD pipelines now, securing continuous environments might turn into the most important security challenge of the next decade.