Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

A Real-World Look at AWS Best Practices: Storage

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

The Top 10 Highest Paying Jobs in Information Security - Part 2

Information security is an exciting and rapidly growing field for individuals who are interested in protecting users and their data. In an effort to map out the industry as a possible career choice, we recently conducted research into the top 10 infosec jobs based on overall pay grade. We now continue with the second part of our two-part series.

Active Directory Certificate Services: Risky Settings and How to Remediate Them

Active Directory Certificate Services has been around for a long time, but resources for learning it are not great. As a result, it often has misconfigurations that are an increasing vector for attacks. In fact, SpecterOps released a whitepaper detailing a number of misconfigurations and potential attacks and providing hardening advice.

Joint PCI security and CSA guidance on scoping cloud environments

As organizations move their infrastructure to the cloud, payment data are being exposed unknowingly leading to high profile data breaches. Find out how the new guidance from PCI Security Standards Council (PCI SSC) and Cloud Security Alliance (CSA) can help protect your cardholder data in the cloud.

Hit by hackers? You're now a target for more attacks

After being hit by a ransomware or phishing attack, it might be tempting for businesses to think the damage has been done and they can now focus on rebuilding. This is rarely the case. Research shows that 80% of organisations targeted by ransomware end up suffering another attack – and 46% are targeted by the same cybercriminals that hit them in the first place.

7 Strategies to Keep Business Data Secure

Cyberattacks are on the rise. The growing number of internet-connected devices and the value of business data means cybercriminals have more to gain than ever from breaking into a company’s network. It’s not uncommon for hackers to target operations of all sizes — meaning that any company holding onto important information needs defenses that will keep that data secure. These seven strategies are some of the most important cybersecurity tactics for a business to use.

How to Use Egnyte to Protect Against Insider Threats

Vigilant companies continuously review risks and their cybersecurity postures. They deploy active defense-in-depth measures and utilize the latest malware detection and mitigation techniques. However, there is one type of vulnerability that tends to fall through the cracks—insider threats. That’s because IT organizations often believe it’s management’s problem to address, while managers believe IT groups have insider threats under control.

Vulnerability Management: Process, Life Cycle, and Best Practices

Vulnerability management is a full-time occupation. This cybersecurity function is iterative and involves constant monitoring, documentation, and review. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall . Here’s how vulnerability management works, the ins and outs of the vulnerability management life cycle, and best practices to implement at your organization.

What are bots costing gaming and betting companies?

As the pandemic pushed more businesses to an online-first model, cybercriminals seized opportunities to profit from fraudulent activity. But the financial impact of these attacks on businesses has been hard to quantify. Netacea recently surveyed 440 businesses from across the USA and UK to understand how much financial impact bot attacks are having across different industries.

Wanted: Reward of up to $10 million for critical infrastructure hackers

The U.S. government aims to tackle cybercrime, in particular attacks targeting critical infrastructure. For this purpose, the U.S. State Department has announced a reward of up to $10 million to anyone who offers valid information about any potential cyberattacks on critical infrastructure supported by foreign states.