Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Why Cybersecurity is Critical to Maintaining HIPAA Compliance

When exploringhttps://securityscorecard.com/admin/entries/blog/154640?draftId=2332&fresh=1# top network security breaches, many think of the obvious: banks or large consumer institutions. However, healthcare organizations are on the rise as a top target for hackers, with the number of data breaches rising 36% in the second half of 2020.

New sophisticated RAT in town: FatalRat analysis

AT&T Alien Labs™ has recently observed the presence of a new remote access trojan (RAT) malware in its threat analysis systems. The malware, known as FatalRAT, appears to be distributed via forums and Telegram channels, hidden in download links that attempt to lure the user via software or media articles.

The best security advice from 100 episodes of The Secure Developer podcast

Technology, culture, and process all have to change to ensure safe software is delivered faster. It’s a lot to tackle. But you don’t have to do it alone. The Secure Developer, a podcast from Snyk’s founder Guy Podjarny, just hit 100 episodes of thought-provoking conversations with security experts at a wide cross-section of companies.

Democratizing Automation for Security Teams

Everyone wants to automate security. Traditionally, though, doing so has been challenging because setting up security automation tools required a specialized set of skills that no one engineer at a company possesses. It’s time to change this state of affairs by democratizing security automation. Here’s why and how.

SANS Survey Finds Only 29% of Orgs Have Automated Most of Their Security Testing

IT workloads are increasingly moving to the cloud, changing the way organizations develop and deliver software. Deploying and running production systems is now separate from the hardware and network, infrastructure is defined through code, and operations are now part of cloud service APIs.

How SCM Can Protect Against Skills-Based Errors and Mistakes

People make up an important part of an organization’s security posture. That’s because some employees have the rights necessary for accessing sensitive data as well as the privileges for viewing and/or editing critical systems. If those individuals have the right focus and training, they can play a crucial part in keeping those assets safe against digital attackers. But if they aren’t paying attention, they could do something that puts their employer at risk.

Mapping the Attack Surface for Insurance Applications

As insurance organizations look to attract and engage customers, the growing use of web applications has increased their cyber exposure and the risks of cyberattacks. In this benchmark study, we analyzed the attack surface of the top 10 insurers in Europe to highlight the common attack vectors and security weaknesses that could be exploited – from page creation method to vulnerable components – and our top tips for reducing web application security risks.

Debunking the seven myths of FSI application security

Don’t let myths undermine the security of financial software. We examine the seven myths and misconceptions found in FSI application security. It’s obvious why cyber criminals are drawn to the financial services industry (FSI). It’s the Willie Sutton logic updated: he robbed banks because “that’s where the money is.” But today it’s not just banks.

Cybersecurity Challenges Facing Higher Education

With more colleges and universities incorporating Software-as-a-Service (SaaS) platforms to support registrars, admissions, and financial aid offices, schools are collecting more electronic student information than ever before. Combine that with weak networks and systems, however, and the state of cybersecurity in higher education earns an F. Higher education needs to focus more efforts on protecting this information from cybercriminals.