The cloud has enabled organizations to build and deploy applications faster than ever, but security has become more complex. The shift to cloud has created a world where everything is code — not just the applications, but also the infrastructure they run on. So, any security issue within an application or cloud environment can put an entire system at risk. And keeping that cloud native application stack secure is increasingly the responsibility of development teams.

More than a third of organizations suffered a serious cloud security incident in 2021. According to a survey of 300 cloud professionals covered by BetaNews, 36% of those respondents said that their organizations had suffered a severe cloud security data leak or breach in the past 12 months. Looking forward, eight in 10 survey participants said they were worried that they were vulnerable to a data breach related to a cloud misconfiguration.

In November of 2021, President Joe Biden signed the Infrastructure Investment and Jobs Act (IIJA) which authorizes a plan to invest $1.2 trillion into the nation's infrastructure. This bipartisan infrastructure bill plans to bolster the transportation, energy, water, utility sectors, and state and local governments. An important provision within the IIJA is the allocation of $2 billion towards enhancing the cybersecurity of government organizations.

When a breach occurs, time is of the essence. The decisions you make about whom to collaborate with and how to respond will determine how much impact the incident is going to have on your business operations.

This article provides a synopsis of the Follina exploit and simple steps you can take to mitigate this severe remote code execution vulnerability within Microsoft Support Diagnostic Tool (MSDT). This vulnerability is triggered via common Windows applications such as Microsoft Word and is being actively exploited by known hacking groups.

No matter what niche your organization specializes in, building trust with your customers is a major pillar around which a business is built. In a world where customers are picky with who they work with, data security and privacy practices are quickly becoming a competitive advantage. Showing your customers that you take your regulatory and contractual obligations seriously goes a long way in earning their trust, while also reducing exposure to risk and liabilities.

On May 31, 2022, a critical vulnerability in Atlassian Confluence Server and Confluence Data Center was disclosed by Volexity. While conducting an incident response investigation involving internet-facing servers with the Confluence server installed, Volexity determined that the servers were compromised and attackers were launching successful remote code execution (RCE) exploits.

My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, I was advising entities across North America on different tactics, techniques, and insight from best practices I have seen. I wanted to share a few of the dos and don’ts during my experience out in the field.

We know for customers creating automation Stories in Tines, anything that makes tracking your progress more manageable and helps you demonstrate the platform's value makes a big difference. We're excited to announce that Reporting is now live across Tines. This new feature allows our customers and Community Edition users quickly and easily calculate how much time they're saving by automating their repetitive workflows through the platform.

Serverless computing brings a highly efficient way to deploy applications and run software on demand. Testament to that is the fact that serverless application adoption is increasing significantly over the years, with at least 1 in 5 organizations using FaaS (Function as a Service) in major Cloud providers such as Amazon, Azure & GCP.