Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Endpoint security: The key to protecting your enterprise

To operate efficiently, businesses today use numerous devices such as laptops, desktop computers, and mobile devices. Securing all these devices—collectively called endpoints—significantly improves the overall security of your enterprise’s IT network. This blog can help you get started with endpoint security. To begin with, let’s define endpoint security.

Securing your SaaS apps in 2020: 3 pillars you can't neglect

In 2010, cloud computing just started to lead the IT revolution. It’s 2020 and the cloud is already mainstream. If you’re not running your business in virtual yet, you’re missing out on huge profit opportunities and capabilities that the cloud has to offer. Adopting a cloud strategy brings better security, increased stability and overall greater flexibility for your organization.

The NHS has suffered only six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since. A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware attacks against the NHS.

Building a Circuit Breaker in Node.js (Part 1)

Circuit breakers were originally designed to protect electrical circuits from damage. Software development has adopted the concept as a type of resiliency pattern and it can now be found commonly in the cloud-native and microservices stacks. They can also be valuable in any codebase that needs to offer more flexibility, especially when relying on third-party APIs. Welcome to Part 1 of this two part series on building a circuit breaker in Node.js.

Simplifying Secure Server Access with Teleport's Approval Workflow

Back in the early 2010s, a Forrester researcher, John Kindervag, noticed that corporations had a binary view of trust and privilege. Once new employees have completed training, they are given full access to all the tools and VPNs needed to get their job done. Once they are logged on, they are trusted completely. Kindervag noticed that “trust” is a vulnerability that can be exploited. Since then, awareness of Zero Trust implementations has grown, in particular Google’s BeyondCorp.

Why is Vendor Risk Management Important?

Engaging third-party vendors for the provision of goods and services is not a new concept, so why has vendor risk management become so important? Vendor risk management is important because managing vendor risk is foundational to cybersecurity, ensuring business continuity and maintaining regulatory compliance. A robust vendor risk management (VRM) program can help organizations under their vendor risk profile and mitigate third-party and fourth-party risk rather than relying on incident response.

On Authorization and Implementation of Access Control Models

There are dozens of implementations of authorization mechanisms. When there are complex requirements dictated by business processes, authorization mechanisms may often be implemented incorrectly or, at least, not optimally. The reason for that, in my opinion, is the low attention of both the customer and developers to this aspect in the initial stages of the project and, at the same time, insufficient assessment of the impact of necessary requirements.

The Vulnerability Management Maturity Model and Its Stages

The need for a mature cybersecurity process in today’s corporate environment is becoming ever more critical. As hackers are becoming more and more sophisticated, so our management and defense systems should also be strengthened accordingly. While there are many components that make up a solid security program within an organization, today, we will shed a light on one essential of these components, which is a vulnerability management maturity model.