Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Unpacking the GDPR: An In-Depth Look at the EU's Landmark Legislation

The General Data Protection Regulation (GDPR) is a landmark piece of legislation in the European Union (EU) that sets out rules for how businesses process and protect the personal data of EU citizens. It applies to any business that collects personal data from EU citizens, regardless of whether the business is located in the EU or not. This makes it a truly global regulation, and it has been driving significant change in the way businesses manage and protect personal data.

The 3 Major Shortcomings of Traditional DLP

As digital transformation continues to blossom and cloud adoption increases, we continue to see challenges crop up when it comes to traditional DLP solutions. Setting aside the architectural and operational complexity and high cost that comes with traditional DLP, practitioners recognize that existing tools aren’t able to keep up.

How to Enforce an Access Control Policy

Access control is the process of dictating who or what can access resources and assets and what actions are allowed once access is granted. An access control policy, by way of an enforcement mechanism, puts those parameters into action. Safeguarding data, IT systems and applications requires a robust access control solution, especially where financial, medical and other sensitive data is concerned.

The Dark Side of AI: How Malicious Bots May Exploit ChatGPT

In recent years, the world of artificial intelligence (AI) has seen a significant increase in the use of language models. ChatGPT, a language generation model developed by OpenAI, has been making waves in the news with its ability to process large amounts of data, which can be used to train machine learning models and to test them. One feature that’s grabbed headlines is its ability to write code and provide feedback on the accuracy and efficiency of code.

Automate Cloud compliance with Snyk Cloud

Audits are challenging, especially when it comes to assessing abstract compliance standards against multiple cloud environments, unique cloud infrastructure setups, and many possible (mis)configurations. To help our customers automate compliance assessments, Snyk Cloud now supports 10+ compliance standards, including CIS Benchmarks for AWS, Azure, and Google Cloud, SOC 2, PCI DSS, ISO 27001, HIPAA, and more.

Log Management Key to Meeting OMB-21-31 Requirements

Last summer, President Biden issued Executive Order 14028 to help boost and improve government cybersecurity operations in response to increased threats worldwide. Memorandum OMB-21-31 from the Office of Management and Budget soon followed, which explained the critical role data log collection and analysis play across all branches of the Federal Government.

Open Source License Management Tools: Challenges, Opportunities, and What to Look Out For

More and more companies are using more and more open source. The stats I’ve seen say seventy to seventy-five percent of all applications use open source or have some type of open source associated with them. I think that number is actually higher. Of all the companies that I’ve worked for, just about every single application has some type of open source associated with it.

8 Steps Every Incident Response Plan Requires to Spot, Contain and Recover From an Attack

The popular saying “Keep Calm and Carry On” is a good mantra for any company that finds itself undergoing a cyberattack, but what that pithy phrase does not mention is how one stays calm when a threat actor has locked down your system and is demanding a multimillion-dollar ransom.

Make Compliance a Breeze with Modern Log Management

From manufacturers in Michigan to fintechs in Finland, every business must comply with industry regulations — which are increasingly constraining. At the same time, businesses must protect and account for a growing number of systems, applications and data in order to remain compliant. In other words, compliance is getting harder. Enter log management. While regulations vary by country and industry, nearly every organization must store compliance-relevant information for a certain period of time.

Actively Exploited GoAnywhere MFT Zero-Day Vulnerability

On February 3, 2023, the developers of GoAnywhere MFT (Managed File Transfer) sent an advisory to their customers warning them of a zero-day remote code execution vulnerability being actively exploited in the wild. Exploitation of this vulnerability could allow sensitive data to be leaked and potentially used for extortion.