Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

What is SAML? Definition + How it Works

SAML (Security Assertion Markup Language) is an open standard that enables users to access numerous web applications or web services using the same login credentials through identity federation. SAML relies upon two parties - an identity provider (IDP) and a service provider (SP). The IDP provides authentication information about the user to the SP. The SP uses this information to provide authorization to the user.

Digital Signatures Using Java

This is the ninth entry in blog series on using Java Cryptography securely. We started off by looking at the basics of Java Cryptography Architecture, assembling one crypto primitive after other in posts on Cryptographically Secure Random Number Generator, symmetric & asymmetric encryption/decryption & hashes. In the meantime, we had to catchup with cryptographic update in latest versions of Java. Having looked at some of the most common symmetric cryptography based applications a.k.a.

IoT Devices Built to Meet Cybersecurity Needs

The Internet of Things (IoT) includes items such as smart appliances, smartwatches, and medical sensors. For organizations to enjoy all of the benefits and convenience of IoT devices, enterprise customers must fully understand the potential risks and threats to their systems and the underlying data. IoT devices often lack built-in security controls, a situation which creates risks and threats for federal agencies and consumers.

What is Data Loss Prevention (DLP) And How Does It Work

Every year, business owners grapple with the same question: how can I keep my data safe? One survey found that 47% of small business owners found data security to be their biggest challenge; a further 42% said preventing data loss was also keeping them up at night. Data loss prevention is a clear priority for enterprises of all sizes.

Elastic on Elastic Series: Data collected to the Infosec SIEM

The Elastic Infosec Detections and Analytics team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic systems. Within Elastic we call ourselves Customer Zero and we strive to always use the newest versions of our products.

What are bots costing eCommerce companies?

Netacea recently surveyed 440 businesses from across the USA and UK to understand how much financial impact bot attacks are having across different industries. Read the full results in our report: The Bot Management Review: What Are Bots Costing Your Business? Analyzing the results, it’s clear that those in the retail industry are keenly aware of the financial harm caused by eCommerce bots.

PowerShell Detections - Threat Research Release, August 2021

The Splunk Threat Research Team (STRT) most recently began evaluating more ways to generate security content using native Windows event logging regarding PowerShell Script Block Logging. This method provides greater depth of visibility as it provides the raw (entire) PowerShell script output. There are three sources that may enhance any defender's perspective: module, script block and transcript logging.

Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling

JFrog Security research teams are constantly looking for new and previously unknown vulnerabilities in popular open-source projects to help improve their security posture. As part of this effort, we recently discovered a potentially critical vulnerability in HAProxy, a widely used open-source load balancer proxy server that is particularly suited for very high traffic web sites and used by many leading companies.

Benefits of Cyber Essentials

Cybercriminals constantly target large organisations in the quest to exploit their networks, steal data and extort money. However, it’s well known that SMEs are also targeted with the same level of enthusiasm by cybercriminals. The reason is simple; an attack on a home user gives access to their email passwords which can then be used for social engineering, but an attack directly on a company can lead to the theft of intellectual property and sensitive strategic data.