The Ignyte Assurance Platform team has been awarded $100,000 from the Ohio Third Frontier Technology Validation and Startup Fund (TVSF) to develop and commercialize their cybersecurity and compliance automation software. “We are thrilled to have received this grant and to continue to drive towards our goal of fundamentally improving the way the defense industrial base complies with regulatory obligations like CMMC and FedRAMP,” said Max Aulakh, CEO of Ignyte.

Today, we’re excited to announce that ManageEngine has been recognized in 2021 Gartner Magic Quadrant for security information and event management (SIEM) for the fifth consecutive time. We are thrilled to be awarded this recognition yet again for our contribution to the world of cybersecurity. “Most enterprises were not prepared for the widespread changes in work environments following the COVID-19 pandemic.

As more companies migrate to the cloud, the way that companies protect data changes as well. In a traditional on-premises network architecture, companies were able to follow the “trust but verify” philosophy. However, protecting cloud data needs to take the “never trust always verify” approach. Understanding what a Zero Trust Architecture is and how to implement one can help enhance security.

LDAP is a way for organisations to store user credentials and use them later. It provides access control as well as mechanisms to read and modify data. If the LDAP server isn’t properly configured or secured with another layer of protection, then it could be vulnerable to an attack called LDAP injection. However, you can only protect your applications if you: 1) know what LDAP is and 2) understand what can go wrong with it.

Security metrics are vital for you as a security leader to track the progress of your security program and have effective risk-focused conversations with business and operations stakeholders. Security metrics pave the way for security initiatives, facilitate resource, help communicate resource allocation and help communicate results with relevant stakeholders throughout the organization.

A cybercrime organization with Russian origins called REvil claims to have infected 1 million systems across 17 countries. It is now demanding $ 70 million in bitcoins in exchange for a “universal decryptor” that will return users’ access. Hackers targeted the US IT company Kaseya, and then used that company’s software to infiltrate the victims’ systems, using a zero-day vulnerability.

In the first part of this blog series, we looked at security best practices for the base images which you might be using. But what happens to container image security when we add other things to it? Perhaps we’re installing additional software from upstream, and we’ve got custom applications of our own which might have their own dependencies also being installed.

An Advanced Persistent Threat is a sophisticated (rarely) multi-staged attack carried out by skilled and well-organised threat actors such as organised cybercrime syndicates and nation-state actors. The majority of the times, Advanced Persistent Threats (APT) are nothing more than a fancy name with much more media frenzy around the topic of cyber attacks.

Over the last year and a half, we all went through the monumental disruption of having just about everyone work from remote locations. We strained VPN infrastructure and out of necessity split tunnels became the norm, not the exception. Even if it meant the users were a bit more exposed, you really had no choice, as Zoom/Webex/Teams meetings can eat up bandwidth like nobody’s business. But now the users are starting to come back into the office, what’s the big deal?

Our latest State of Software Security: Open Source Edition report just dropped, and developers will want to take note of the findings. After studying 13 million scans of over 86,000 repositories, the report sheds light on the state of security around open source libraries – and what you can do to improve it. The key takeaway? Open source libraries are a part of pretty much all software today, enabling developers to work faster and smarter, but they’re not static.