We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.

A recent survey by the analyst firm Gartner showed that 89% of companies experienced a supplier risk event in the last five years; however, those companies' overall awareness and plans to mitigate lacked maturity. As a result, it is no longer enough to secure your own company's infrastructure. You must also evaluate the risk posed by third-party vendors and plan to monitor those organizations for breaches.

The ever-evolving cyber threat landscape gives birth to new, unprecedented cyberattacks that challenge traditional cybersecurity approaches and force security operations centers (SOCs) to evolve and redefine their methods. To ensure that the integrity of their data is well-protected, SOCs have to be one step ahead of malicious actors. Ergo, the necessity of creating the modern SOC comes into play.

Netskope is a leading provider of cloud security with its security service edge, single-pass architecture. Using clients to steer traffic to the Internet through the Netskope Security Cloud means that customers can securely enable data moving into and out of the distributed corporate environment. But this traffic has to originate from an endpoint—and endpoints can be compromised. How do organizations know whether SaaS traffic originating from an endpoint is potentially compromised or at risk?

This article will explore methods for “hiding” SSH servers so that the server is harder to discover by malicious users on public networks. We’ll focus on changing the default SSH port and implementing SSH port knocking to make it more difficult for unwanted users to discover or locate the server.

Predicting the future is tricky business. However, when you’re privileged enough to frequently speak with the technology leadership at Fortune 500 companies, looking forward is less about gazing into a crystal ball and more of an extrapolation of trends that you're seeing. I’m honored that Fast Mode published my article detailing what I think is in store for cloud computing in 2022.

Water and wastewater treatment may not be at the top of most people’s list of discussion topics, but the more you think about it, the more clear it becomes that this particular subsegment of the utilities market is a vital part of our critical infrastructure. We rely on the ability to turn on the tap and get clean, safe water every day. And we’ve seen what havoc losing that ability can wreak from the crisis in Flint, MI.

The healthcare industry faces a plethora of serious cybersecurity risks. Indeed, 2021 saw a record number of major health data breaches in the U.S. — the breach notification portal of the U.S. Department of Health and Human Services lists at least 713 incidents affecting 45.7 million individuals.

We recently held a panel discussion with Peak’s Gary Myers, Free Agent’s Richard Grey, Trace’s Sorcha Lorimer, and our own Guillaume Montard to pose the question: “How do you bridge the gap between security and privacy teams?” If you weren’t able to join us, here’s a rundown of the key takeaways that came up during the chat. You can also find an archive of the discussion at the end of this post if you’d love to watch it in its entirety.

Aside from executing physical attacks on servers, hardware or people, there are three main access points where criminals can break into systems: web, mobile and API. In this post, we’ll focus on mobile security, an area increasingly being exploited due to a sharp rise in mobile device use over the course of the pandemic.