Snyk Open Source supports C and C++ scanning for vendored open source dependencies via CLI — and we are happy to share that it is now available via our CI plugins as well. This guide will walk you through integrating C/C++ security scanning within pipelines to get vulnerability information and remediation advice directly to developers. Note that in the scope of this guide, we’ll refer to “C/C++” as just “C++”

Smart homes rely on secure devices. Fuzz testing identifies software vulnerabilities in smart devices by fuzzing wireless and IoT protocols.

Perhaps someone doesn’t answer a Slack message as quickly as they should, or they have long hours blocked on their calendar. Maybe someone doesn’t seem motivated during team meetings or they are slow to complete work. While research has shown that overall, productivity has actually increased as a result of the work-from-home movement, managers know all too well what it’s like to be suspicious that someone is taking advantage of their new work arrangement.

A ransomware gang that has been increasingly disproportionately targeting the education sector is the subject of a joint warning issued by the FBI, CISA, and MS-ISAC. The Vice Society ransomware group has been breaking into schools and colleges, exfiltrating sensitive data, and demanding ransom payments. The threat? If the extortionists aren’t paid, you may not be able to unlock your encrypted files, and the attackers may leak the information they have stolen from your servers online.

Following on from the previous article we posted regarding cyber security trends, we thought we’d revisit the topic and continue with another set to keep an eye on. The world of cyber security is always evolving and there’s always too much for just one article on the subject.

Teleport 10.2 was released on September 6th along with a lot of new features, bug fixes and improvements. This blog post will focus on two new features that deserve a deeper dive.

Whether it's password or passwordless authentication, multi-factor authentication, or any of the other identity verification shenanigans, in the end, our identity is deduced to a single session cookie! We can't deny the security importance of session cookies in web application access control.

At Netskope, our primary focus in the marketplace is to help customers protect their data. More and more data exists outside the traditional enterprise perimeter and is growing at an ever-rapid pace. More than 80% of users are using personal apps and instances from managed devices, and of those applications being accessed, roughly half would be given a “Poor” risk rating by the Netskope Cloud Confidence Index.

While Gartner hasn’t released the SOAR Magic Quadrant, to the delight of many SOAR enthusiasts, the highly anticipated Gartner SOAR Market Guide for 2022 is out and we are happy to announce that Sumo Logic has been included again! Even though Security Orchestration, Automation and Response (SOAR), as a relatively new security category, doesn’t have a SOAR Magic Quadrant, Gartner is already dedicating a market guide for SOAR solutions.

The HECVAT (Higher Education Community Vendor Assessment Toolkit) is a security assessment framework in the form of a questionnaire that’s specifically designed for higher education institutions to measure vendor risk. HECVAT attempts to standardize higher education information security and data protection requirements for cloud service providers and third-party solutions, specifically for their consistency, compatibility, and ease of use.