Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Initial Access Brokers: Fueling the Ransomware Threat - The Monitor, Issue 17

Kroll has observed an uptick in actors offering network access on the dark web, particularly in the wake of recent disruptions to the ransomware-as-a-service (RAAS) ecosphere such as the ban on ransomware discussions in notorious underground criminal forums.

Steps to a Successful ISO 27001 Risk Assessment Procedure

ISO/IEC 27001 is an international set of standards that provide the requirements to set up an Information Security Management System (ISMS). Implementing ISO 27001 enables organizations to better manage and secure their information assets, including intellectual property, financials, employee details, customer data, and information entrusted by third parties. Furthermore, companies can prove that they are less vulnerable to IT security incidents or data breaches by achieving ISO compliance.

What To Do When Your Cloud System Crashes

Most organizations today rely on the cloud to store or manage at least some of their data and applications. If your business is considering (or already using) a cloud environment, it’s important that you know what to do if your cloud system crashes or experiences an outage. In this guide, we cover the basics of cloud computing and then outline some steps you can take in the event of a cloud crash or outage.

How to Assure Your Compliance Strategy Evolves Over Time

Compliance is a constant issue that affects businesses in multiple ways every day. Not only must your compliance program address individual acts of misconduct; the program must assure that your organization follows laws, rules, and regulations overtime — every day, day after day, in perpetuity.

Third-Party Risk Management Regulations Every Organization Should Know

Modern organizations operate in a complex business landscape. Increasingly, they rely on a plethora of third-party partners, vendors, and subcontractors to generate value, boost competitiveness, and strengthen their bottom line. And yet, these same third parties also create numerous risks that can disrupt the organization’s operations, affect its financial standing, and damage its reputation.

Data Risk Management in the Gig Economy

A huge swath of the U.S. workforce doesn’t actually hold a full-time job. As many as 40 percent of Americans work in the so-called “gig economy” — driving for ride-share services, selling handicrafts online, pet-sitting, managing a social media account for a local company, and so forth. Typically, a technology company (Uber, Etsy, Rover, AirBnB; the list is endless) matches those workers with customers who have a need.

Top 10 Risks Faced By the Manufacturing Industry

The global economy is more connected than ever, generating significant benefits for companies and industries operating worldwide. Nobody, however, is exempt from threats that drive supply chain and manufacturing risk. There is no doubt that the manufacturing industry is beset by numerous risks that affect the company and its human assets.

A Peek at JFrog's Iron Bank Accreditation for Xray and Artifactory

JFrog Artifactory and JFrog Xray recently underwent a rigorous hardening process to earn accreditation for inclusion in the U.S. Department of Defense’s Iron Bank, a centralized repository of digitally-signed and hardened container images. In this blog post, we’re pulling back the curtain on the process, in order to share our insights and lessons learned with our customers and with the DevOps community at large.

Clash of the Titans: Marketing and Security

There’s a natural tension within most companies: marketing wants to get stuff out, while IT and security are focused on protecting the business. These waters between marketing and security can be treacherous, and a recent challenge we observed in a large U.S.-based northeastern bank, illustrates the issue well. Like many financial institutions, mobile and web banking are a critical and core component of the business model.