Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Why SOX Compliance is Required

The Sarbanes-Oxley Act is a federal law that applies to all publicly traded businesses in the United States. It imposes sweeping corporate governance standards on those businesses, to improve accountability in the boardroom and senior management ranks and to make corporate financial statements more reliable.

The Value of Ingesting Firewall Logs

In this article, we are going to explore the process of ingesting logs into your data lake, and the value of importing your firewall logs into Coralogix. To understand the value of the firewall logs, we must first understand what data is being exported. A typical layer 3 firewall will export the source IP address, destination IP address, ports and the action for example allow or deny. A layer 7 firewall will add more metadata to the logs including application, user, location, and more.

Introducing our new Security Scan Platform

Today we’ve arrived at another significant achievement at Astra Security. After months of preparation, development, and design, we’ve officially launched our new Security Scan platform. From addition of more security tests to new dashboard design, the new platform will make pentesting a breeze for you. Our new and simple to utilize UI guarantees that your dev and security groups can rapidly and safely associate with pentest discoveries and resolve them easily.

New Advanced AlienApps for Fortinet

Here at AT&T Cybersecurity, we feel strongly that security should fit into your business, not the other way around. We lower the friction security brings to day-to-day operations through automating the essential security operations such as detection and response. By integrating different security products together to form a consolidated security architecture, companies can be protected with less effort.

Open Policy Agent: The Top 5 Kubernetes Admission Control Policies

Kubernetes developers and platform engineers are typically under a metric ton of pressure to keep app deployments humming at a brisk pace. With the scale and power of Kubernetes, this can feel daunting. Maybe you’re a retailer launching a new e-commerce feature for a huge sale. Maybe you’re a bank that’s scaling a finance app worldwide. In either case, compromises always get made in the interest of speed and schedules.

GitHub Security Code Scanning: Secure your open source dependencies

We are happy to announce Snyk Open Source support for GitHub Security Code Scanning, enabling you to automatically scan your open source dependencies for security vulnerabilities and license issues, as well as view results directly from within GitHub’s Security tab! A key ingredient of Snyk’s developer-first approach is integrating Snyk’s security data into the exact same processes that developers are using, whether this is within a developer’s IDE or a Git-based workflow.

Simplify Automation and Orchestration with a Data-driven Approach to SOAR and XDR

On the heels of announcing the closing of $22.5 million in new financing as a result of strong performance in 2020, I’m proud of our team’s latest innovation that we’re announcing today, ThreatQ TDR Orchestrator is a new data-driven approach to SOAR and XDR that accelerates threat detection and response across disparate systems for more efficient and effective security operations.

Securing AWS Fargate workloads: Meeting File Integrity Monitoring (FIM) requirements

Securing AWS Fargate serverless workloads can be tricky as AWS does not provide much detail about the internal workings. After all… it’s not your business, AWS manages the scaling of underlying resources for you. :) While the security and stability of Fargate’s system is an inherent feature, Fargate follows a shared responsibility model, where you still have to take care of securing those parts specific to your application..

Secure Session Transfer Between Web Apps on Different Domains

Writing a web application that supports securely logging into a website and managing your credentials is a surprisingly difficult task. You have to develop a way to manage sessions, understand how browsers store state (cookies), learn a cryptographically safe password storing technique (like bcrypt), all the while making sure you mitigate common web security vulnerabilities like XSS and CSRF.