Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Hey buddy - wanna buy a zero trust?

In the past couple of weeks, I’ve had the opportunity to attend two technology events IN PERSON!!! Seeing people “mask-to-mask” has been fun and educational. Forward Networks recently exhibited at Black Hat in Las Vegas and AFCEA TechNet Augusta. Obviously, security was the topic at Black Hat, but it was also top of mind for TechNet attendees, and attendees at both events stressed the need for better network behavioral insight.

CIS Control 1: Inventory and Control of Enterprise Assets

Since 2008, the CIS Controls have been through many iterations of refinement and improvement, leading up to what we are presented with today in CIS Controls version 8. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many different roles such as threat analysts, incident responders, solution providers, policy-makers, and more.

What did we learn from the 2021 ICO Report?

The 2021 ICO Annual Report highlights areas of concern for UK organisations, including the rise of ransomware, the constant threat of email phishing, and the lack of public faith in companies’ handling of data. Let’s dive into some of the more interesting findings from the regulatory body’s latest report.

Old mobile numbers can compromise unsecure MFA systems

Multi-factor authentication (MFA) adds a layer of security to logins that is essential to prevent unwanted access. This verification process uses a second device (owned by the user) as an additional identity verification element to which a token is sent (or generated) that certifies access veracity. The most secure MFA systems use applications to generate temporary codes, but many still rely on sending text messages to mobile phones (OTP).

Managing license compliance with Black Duck SCA

Black Duck provides a comprehensive SCA solution for managing security, quality, and license compliance risks associated with open source use. Given today’s development trends, your organization is undoubtedly leaning heavily on open source in any number of ways. According to Synopsys’ annual Open Source Security and Risk Analysis (OSSRA) report.

Solving User Monitoring Use Cases With Splunk Enterprise Security

I’ve been working with Splunk customers around the world for years to help them answer security questions with their data. And, like you probably know, sometimes it’s hard to know where to start for specific security use cases. We all know Splunk’s data platform is capable of delivering incredible analytics and insights at scale, but how do we tie that power with all of the content and premium solutions for security that Splunk provides?

Compliance vs Risk Management: What You Need to Know

According to a study conducted by Ropes & Gray, 57% of senior-level executives rate “risk and compliance” as the top two categories they feel the least prepared to address. There are a lot of misconceptions about compliance and risk management. Both help to prevent security threats to the organization’s legal structure and physical assets. And often, when people hear the terms compliance and risk management, they assume the two are the same.

Hypergrowth Playbook: 7 best practices as you go from startup to scaleup

Across the tech startup space, growth is on fire, and a key differentiator of success will be your ability to scale your talent at the pace needed. Based on having gone through this phase at various companies over the past decade, I’ve been pulled into helping advise founders and heads of people at several earlier-stage startups. So I made it simpler, and drafted a Hypergrowth Playbook , with my learnings. We are happy to share this openly, to help the community at large.