Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How to Secure Hybrid Teams Against Insider Threats

As businesses emerge from the pandemic, many are making strategic decisions about their long-term work arrangements. While there is a substantial debate about remaining remote or bringing people back to the office, many companies are choosing to meet in the middle, embracing a hybrid work arrangement that allows people to work both on-site and remotely.

What is a Cybersecurity Framework?

Headlines coming out of Sweden in July gave IT departments around the world a jolt: one of the country’s largest grocery chains, COOP, had been hit by ransomware and had to temporarily shut down hundreds of stores. Cybercriminals had infiltrated the software as a service (SAS) company Kaseya, a client management platform used by as many as 40,000 organizations (including COOP).

Why the New Executive Order will result in wider rollout of Zero Trust Adoption

The zero trust model exists because of the volume and diversity of cyberthreats on the global landscape. Zero trust is a set of coordinated system management practices plus design principles for modern IT systems. The Biden administration’s executive order on Improving the Nation’s Cybersecurity names zero trust as an essential component in hardening federal agencies against internal and external threats to national security.

Web application security explained: reviewing WAS testing, best practices, and tools

In today’s corporate environment, business is predominantly conducted online. Most organizations have a website or some type of web application that functions as the hub of their online operations.In today’s corporate environment, business is predominantly conducted online. Most organizations have a website or some type of web application that functions as the hub of their online operations.

Stories from the SOC - Sodinokibi Ransomware (REvil / BlueCrab)

There’s a saying that nothing can be certain, except death and taxes; in today’s cyber threat landscape, we can add ransomware to that short list. One of the AT&T Managed Threat Detection and Response customers almost had an incident at the crossroads of taxes and ransomware, but thanks to the SentinelOne advanced EDR platform, the attack was quickly detected and stopped automatically.

Are You Prepared to Better Protect Against SANS' Top Attacks and Threats?

The SANS 2021 Top New Attacks and Threat Report is now available for download, covering the security trends and top threats to watch for as the world emerges from the pandemic. Presented at the SANS threat expert panel discussion held during the RSAConference 2021 Virtual Experience, the top attack category the report highlights is supply chain attacks – and with good reason.

Better Ruby Gemfile security: A step-by-step guide using Snyk

Ruby is a well-defined and thought-out language and has been around since the mid-1990s. In 2004, Ruby incorporated RubyGems as its package manager. RubyGems is used to manage libraries and dependencies in a self-contained format known as a gem. The interface for RubyGems is a command line tool that integrates with the Ruby runtime and allows Gemfiles to be added or updated in a project. I looked at three Ruby platforms and found vulnerabilities that were surprising, even to me.

Cyberattacks and Their Impact on the Company

A recent study reveals that cybercrime costs the world economy more than $1 trillion, a more than 50 percent increase from 2018. Damage to companies also includes downtime, brand reputation, and reduced efficiency. Besides installing anti-malware software to protect against cyberattacks, however, there is other security software to consider. One option is a SIEM (Security Information and Event Management) solution.