CIS Control 6 merges some aspects of CIS Control 4 (admin privileges) and CIS Control 14 (access based on need to know) into a single access control management group. Access control management is a critical component in maintaining information and system security, restricting access to assets based on role and need. It is important to grant, refuse, and remove access in a standardized, timely, and repeatable way across an entire organization.
On May 1, 2021, ISC² implemented a refreshed set of objectives for the CISSP certification exam for security professionals in order to keep it relevant to the latest technologies and cybersecurity standards, requirements and processes. New information security concepts, terms and acronyms have been added and others are better covered.
I had the pleasure of being at an in-person event recently. Aside from the joy it brought me to simply see people for the three-dimensional beings they are, it was of course incredible to connect with the Information Security community once more. Interestingly, a topic came up in quite a few of my conversations with fellow delegates. And it was one that I wasn’t expecting: encryption. It was often amiable, but on a couple of occasions eyes would roll.
During the pandemic, healthcare and education providers scrambled to adapt to providing services remotely, using tools like Slack, Google Drive, and Zoom to continue connecting with patients and students. McKinsey tracked a spike in the use of telehealth solutions in April 2020 that was 78 times higher than in February 2020. And, by some estimates, more than 1.2 billion children worldwide were impacted by school closures due to the pandemic — some of whom were able to learn remotely.
The Coverity and Wind River partnership supports developers with fast-turn CI/CD workflows and container-based development. Highlights.
Quite often you are in the middle of a security incident or just combing through your data looking for signs of malicious activity, and you will want to trace the activity or relationships of a particular process. This can be a very time-consuming and frustrating task if you try to brute force things (copying/pasting parent and child process IDs over and over again). And in the heat of battle, you may miss one item that could have led you to something interesting.
Despite the steady drumbeat of hacks that are reported on a nearly weekly basis, it is safe to say that cybersecurity is still far from a “top of mind issue” for most people. Massive data breaches like Equifax, Marriott, and many, many more are chalked up to being yet another part of the modern life. While each of those cybersecurity incidents was quite serious in its own right, for the public whose data were compromised, they represented more of an inconvenience than a serious concern.
Making security an intrinsic part of a DevOps pipeline is a “must-have” for organizations looking to secure their applications earlier in the development process. The combination of JFrog Artifactory and JFrog Xray enables organizations to build security into all phases of their software development lifecycle, so they can proactively detect and mitigate open source software (OSS) security vulnerabilities and license compliance issues that impact their software.
Yes. There really are 10 fairly easy ways to improve your website security and protect your customers at the same time. But first, you may be asking “Why do I need to worry about my website security? Aren’t web applications safe? What could possibly go wrong?” We’re not in the business of peddling FUD (fear, uncertainty, and doubt), but… let’s be frank.
LimaCharlie offers cybersecurity tools and supporting infrastructure billed based solely on usage in a scalable way. It is an approach that nobody else is taking. One that enables some pretty exciting possibilities for those looking to develop cybersecurity products or services. Open and fine-grained controls allow developers to create products with healthy margins and save years of development time. There is no other way to get to market quicker.
