Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

AWS IAM in a layman's terms

We alluded in one of our previous posts that the development team will own a lot of responsibility defining application related resource access control, simply because the dev team owns the infrastructure as code (IaC) responsibility themselves. No matter how security-savvy and security-educated a development team is, the central security team still needs some control, some kind of “trust but verify”.

What's New in v8 of the CIS Controls

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls, simplified some working, removed duplicate requirements, and created an abstract for each of the security measures.

What Is a Security Operations Center (SOC)?

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This price tag was even greater for organizations located in the United States and operating in the healthcare industry at $8.64 million and $7.13 million, respectively. What’s behind this price tag, you ask?

Why False Declines Cost You More Than Fraud and What to Do About It

Do you remember a time when you were amped up to buy that new pair of shoes, or any special item online – only to have your credit card or other payment information (which you know is real), declined? All of that time spent browsing, selecting, getting off of your couch to find your credit card, entering payment information wasted? You are not alone!

Interview with Cybersecurity Specialist Jen Ayers

For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed the COO of DNSFilter, Jen Ayers to share her insights from the world of cybersecurity including the latest trends she is seeing on the rise and what business leaders need to keep in mind for the rest of 2021.

Cryptocurrency is a major target for account takeover

Cryptocurrency and blockchain are two of the hottest trending topics in the financial and tech worlds, with interest in Bitcoin, Ethereum, XRP and even Dogecoin exploding in recent years. This growing interest in cryptocurrencies has made them a target for fraudsters. But it’s not just the popularity of crypto trading that has criminals chomping at the bit. The nature of blockchain currencies makes them highly susceptible to fraudulent activity.

How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

DevSecOps is a team effort. Learn how to build security into DevOps to deliver secure, high-quality software faster using SAST and SCA software solutions. Modern software development is more of everything: more code, in more languages, on more platforms, with more deployment options. DevOps demands automation to maximize velocity and continuous improvement throughout process feedback. All this more also means more security risk.

Splunk SOAR Playbooks: GCP Unusual Service Account Usage

As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).