As a cloud-native data loss prevention solution, Nightfall DLP can natively integrate with some of the most popular SaaS applications in order to protect against the proliferation of sensitive data in these environments. With our native integrations, Nightfall helps keep client data safe on apps including Slack, GitHub, Google Drive, Confluence, and Jira. But did you know that Nightfall also exists as a standalone DLP API?

The Linux/UNIX process model creates a new process by cloning the currently running one using the fork() system call. Subsequently, exec()—or one of its variants—loads a new program image into the newly cloned child process. There are a variety of issues that stem from using this approach in modern systems. There are also various widely used techniques and APIs aiming to alleviate the issues in different ways with different degrees of success and quirks.

Penetration testing, also known as “pen testing,” is an intentional, simulated cyberattack against your IT systems to find vulnerabilities and test the efficacy of cybersecurity controls. For example, penetration testers can use this tactic to improve web application security mechanisms such as firewalls. Pen testing might involve an attempt to breach access controls to gain access to a private network.

It is increasingly common to hear about cyber threats to energy and utility industries. These are malicious acts by adversaries that target our data, intellectual property, or other digital assets. All too often it seems as though energy and utility companies are put in a defensive position to battle it out with these cyber intruders. How can the industry switch to a more offensive position when it comes to understanding these threats?

As supply chain attacks continue to dominate headlines, software development teams are beginning to realize that package management can’t be taken lightly — the threats hidden under the hood are real. In this installment of The Source, we want to talk about the practices and tools that developers need to adopt in order to protect against supply chain attacks.

This is part 2 in a mini-series about the current paradigm shift in security towards a continuous security approach. Richard Carlsson, Detectify CEO, was on Enterprise Security Weekly to shed light on it and this article delves into the need for velocity to activate this strategy.

President Biden’s cybersecurity executive order from last month should cause little surprise for anyone following news headlines over the past year. The order is the U.S. Federal Government’s important response to a long list of incidents, starting with the SolarWinds attack and ending with a recent ransomware attack against Colonial Pipeline —- the largest known attack against a US energy firm.

The old saying “it takes a village” applies to many things in life, including securing your organization. Security is a team sport that requires a variety of solutions and providers — such as a firewall, endpoint protection, security information and event management (SIEM), threat intelligence provider, IT service management (ITSM), governance, risk, and compliance solution (GRC), and cloud access security broker (CASB) — to name a few.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Kudos to the various organizations who pulled off amazing sting. I’ve said this many times over the years, but I really mean it this time. THIS one has to be a movie!

Organizations that want to do business with the Department of Defense are required to achieve CMMC compliance by the end of this year. Sumo Logic can serve as a tool to assist your organization in achieving CMMC compliance.