User account credentials are both a necessary component of normal operations and a critical vector for a malicious actor’s entrance into an enterprise environment. Compensating for the inherent risk of granting the end user access to corporate systems is a challenge in balancing usability with security. When a user with low-level privileges can have their credentials abused to gain increased levels of access, superior solutions to standard username-and-password schemes become necessary.

When most people think about the origin of a cyberattack, the image is that of a hacker using some kind of exploit against software or hardware in order to gain unauthorized access to systems. The hacker is seeking data to exfiltrate and monetize, either through re-sale on the darknet or extortion through ransomware.

When the American heist comedy Ocean’s Eleven was released on Friday, December 7, 2001, it topped the box-office draw for that weekend. The story follows two friends who plan to steal $160 million from three major casinos in Las Vegas. Entertainment Weekly called it “the most winning robbery sequence of the decade”.

Keeper Security and Bitwarden are password management solutions offering varying user features and benefits to their customers. Bitwarden is a good password manager with a password generator tool, autofill, two-factor authentication and more. Keeper is an enterprise solution that offers these same capabilities and more—combining a password manager with secrets management and connection management.

On Tuesday, August 2, 2022, VMware disclosed a critical-severity authentication bypass vulnerability (CVE-2022-31656) impacting multiple VMware products, including VMware’s Workspace ONE Access, Identity Manager (vIDM), and vRealize automation. If successfully exploited, the vulnerability could allow a threat actor with network access to the user interface to obtain administrative access without needing to authenticate.

This is the fifth in a series of articles focused on AI/ML. Source code is a critical part of an organization’s intellectual property and digital assets. As more and more centralized source code repositories are moving to the cloud, it is imperative for organizations to use the right security tools to safeguard their source code.

Insights from the 2022 Results That Matter study “88% of boards regard cybersecurity as a business risk rather than solely a technical IT problem.”1 Regardless of geography, industry, sector, or use cases, most would agree that reducing risk is a top priority for their organization. Whether it’s decreasing phishing scams, ransomware, and malware attacks or reducing the risk of customer churn due to breaches, security is everyone’s concern.

Learn about the phases of a software development life cycle, plus how to build security in or take an existing SDLC to the next level: the secure SDLC. The digital transformation that has swept across all industry sectors means that every business is now a software business.

Gone are the days where bosses could simply walk by an employee’s desk and peek at their computer screen to see if they were on task. At the end of last year, 45% of full-time employees worked from home at least part of the time, and many want to keep it that way. Enter employee monitoring, not-so-affectionally known as “bossware.” It’s software that companies install to better understand what it is their employees are doing all day.

If you’re looking to catch up on what happened at this years AWS re:Inforce, this is the blog for you. There were many important announcements were this year, including some exciting updates on the cloud security front. In this post, we’ll quickly review the goals of the conference and who should attend, before diving into the keynote highlights, software updates, and helpful resources.