Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

3 Ways To Protect Yourself From Social Engineering Scams

The “Great Resignation” is still well underway, further impacting a cybersecurity industry with a historically low retention rate. According to a report published by Enterprise Strategy Group in partnership with Information Systems Security Association International, 76% of organizations say it is difficult to recruit and hire security professionals.

Unknown Number? What Is Vishing and How Scammers Pull It Off

According to the 2020 FTC Data Report, vishing constituted 31% of fraud reports, with an aggregated loss of $436 million. That's a lot of vishing. Scammers' methods have become out-of-this-world, too. Years ago, a social media video of a police officer taking a scam call in real time became viral. The scammer, posing as a banking representative, requested personal information on the pretext of verifying their account. The officer was uncooperative.

Enforcing Role-based Access Control (RBAC) Policies with OPA

A common use case our customers have for Open Policy Agent (OPA) is access control. The problem of access control is generally broken down into two parts, authentication and authorization. Authentication is about making sure we can trust someone’s stated identity, authorization is making decisions about who can do what.

The Ultimate Guide to Sigma Rules

In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.

Microsoft Direct Send - Phishing Abuse Primitive

This vector abuses Microsoft Direct Send service in order to propagate phishing emails from an external sender to an internal user, whilst spoofing the properties of a valid internal user. This “feature” has existed since before 2016. However, threat intelligence available to JUMPSEC has only observed it being abused recently.

CSI Container: Can you DFIR it?

Do you like detective series? Have you ever thought about them actually taking place in cybersecurity? What do you think of CSI on containers? Are you interested in how to apply Digital Forensics and Incident Response (DFIR) to containers and clusters? If all your answers are YES, you will love this article. The CloudNative SecurityCon occurred in early February 2023, where leading security experts gathered to present their latest research and projects.

AI TRiSM Explained: AI Trust, Risk & Security Management

AI Trust, Risk and Security Management (AI TRiSM) is an emerging technology trend that will revolutionize businesses in coming years. The AI TRiSM framework helps identify, monitor and reduce potential risks associated with using AI technology in organizations. By using this framework, organizations can ensure compliance with all relevant regulations and data privacy laws. In this article, you'll learn what AI TRiSM is, how it works, and how organizations can use it for their benefit.

How Data Resilience Drives Customer, Cyber & Business Resilience

With evolving cyber threats and sudden disasters, data resilience is among the critical components of any business. Data resilience helps businesses provide continuous, uninterrupted services to their customers. This article explains data resilience, its importance for current businesses, and the most common strategies to achieve data resilience. It also describes the advantages and challenges of achieving business data resilience.