Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Five worthy reads: Confidential computing - The way forward in cloud security

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In light of rising concerns over cloud cybersecurity, this week we explore the concept of confidential computing. The past year has seen strong adoption of cloud technologies due to accelerated digital transformation and a cloud-first approach in business.

Penetration Testing: A How-to Guide for Enterprises

Penetration testing is the cornerstone of any cyber security strategy, yet enterprises often don’t get an optimal outcome from their pen test engagements. In this blog I’ll be looking at the three main reasons behind this, and also suggesting an alternative way of working that could vastly improve security outcomes whilst also increasing business value.

Is Atlassian Cloud HIPAA Compliant?

In 2021, digital transformation has accelerated. At the tail end of the COVID pandemic, with companies remaining remote, the demand for cloud services in the enterprise is the highest It’s ever been. Healthcare organizations, which more directly encountered the acute challenges posed by the pandemic, were among the first to be shaped by the current wave of digital transformation.

Nightfall's DLP API Adds Data Discovery and Classification to Your Applications

As a cloud-native data loss prevention solution, Nightfall DLP can natively integrate with some of the most popular SaaS applications in order to protect against the proliferation of sensitive data in these environments. With our native integrations, Nightfall helps keep client data safe on apps including Slack, GitHub, Google Drive, Confluence, and Jira. But did you know that Nightfall also exists as a standalone DLP API?

Fork is The Way - Let's Make it Hurt Less

The Linux/UNIX process model creates a new process by cloning the currently running one using the fork() system call. Subsequently, exec()—or one of its variants—loads a new program image into the newly cloned child process. There are a variety of issues that stem from using this approach in modern systems. There are also various widely used techniques and APIs aiming to alleviate the issues in different ways with different degrees of success and quirks.

What is Penetration Testing? Pen Tests Defined

Penetration testing, also known as “pen testing,” is an intentional, simulated cyberattack against your IT systems to find vulnerabilities and test the efficacy of cybersecurity controls. For example, penetration testers can use this tactic to improve web application security mechanisms such as firewalls. Pen testing might involve an attempt to breach access controls to gain access to a private network.

Threat Intelligence and Energy and Utilities

It is increasingly common to hear about cyber threats to energy and utility industries. These are malicious acts by adversaries that target our data, intellectual property, or other digital assets. All too often it seems as though energy and utility companies are put in a defensive position to battle it out with these cyber intruders. How can the industry switch to a more offensive position when it comes to understanding these threats?

10 Supply Chain Security Tips That Won't Slow Development Down

As supply chain attacks continue to dominate headlines, software development teams are beginning to realize that package management can’t be taken lightly — the threats hidden under the hood are real. In this installment of The Source, we want to talk about the practices and tools that developers need to adopt in order to protect against supply chain attacks.

Understanding the software supply chain security requirements in the cybersecurity Executive Order

President Biden’s cybersecurity executive order from last month should cause little surprise for anyone following news headlines over the past year. The order is the U.S. Federal Government’s important response to a long list of incidents, starting with the SolarWinds attack and ending with a recent ransomware attack against Colonial Pipeline —- the largest known attack against a US energy firm.