You’ve heard of DevOps. And by now, you’ve probably also heard of DevSecOps, which extends DevOps principles into the realm of security. In DevSecOps, security breaks out of its “silo” and becomes a core part of the DevOps lifecycle. That, at least, is the theory behind DevSecOps. What’s often more challenging for developers to figure out is how to apply DevSecOps in practice. Which tools and processes actually operationalize DevSecOps?

Mobile devices and mobile apps have become a primary way for most of us to get work done and manage our lives. This is why I’m excited that Telkomsel has partnered with Lookout to launch Telkomsel Mobile Endpoint Protection (MEP) and Telkomsel Mobile App Protection (MAP). These solutions are powered by the cloud-delivered Lookout Security Graph.

Here at Tripwire, we, like many others, recently surpassed the one-year anniversary of working from home due to the COVID-19 pandemic. Since March of 2020, we have converted kitchens, spare bedrooms and garages into office spaces. Our pets and children have become our coworkers, and companies are reporting a sudden increase in shirt sales as opposed to pant sales.

To be shortlisted by the SC judges, in what is now our fifth successive year as a finalist, is a source of pride for the whole Redscan team. We’ve been recognised at the SC Awards in the past, with high commendations in 2020, 2019 and 2017, as well as the award for Best Customer Service in 2018.

As we know, Tripwire Enterprise (TE) is the de-facto go-to solution for File Integrity Monitoring (FIM). In normal operations, we deploy a TE agent to a system we want to monitor. TE then uses that agent to baseline the system against the appropriate rules, creating a known good state for that system. Moving forward, that system is monitored for change per the rules that were used to create the baseline.

On March 9, 2021, Verkada, a software company that specializes in making security cameras for monitoring physical access control, was subject to a security hack. Hackers gained access to the video feed of at least 15 thousand cameras deployed across various locations and exposed the inner workings of hospitals, clinics, and mental health institutions; banks; police departments; prisons; schools; and companies like Tesla and Cloudflare.

Internet of Medical Things (IoMT) products refer to a combination of medical applications and devices connected to healthcare information technology systems through an online computer network or a wireless network. IoMT devices rely heavily on biosensors, critical in detecting an individual's tissue, respiratory, and blood characteristics. Non-bio sensors are also used to measure other patient characteristics such as heart and muscle electrical activity, motion, and body temperature.

The principles of cyber security architecture are indeed similar to IT architecture. Networks are only going to expand, technology is going to evolve, and one constant question on every organisation’s mind is “How to ensure the protection of our assets?”. This concern is further heightened in companies whose services are mainly digitised, accounting for over 60% of UK businesses.

The CVE-2021-20291 medium-level vulnerability has been found in containers/storage Go library, leading to Denial of Service (DoS) when vulnerable container engines pull an injected image from a registry. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines are affected as well, including Kubernetes and OpenShift.

Though digital transformation is necessary, it's accompanied by some serious risks. This is the scaling conundrum of 2021 - organizations must embrace digitization to remain relevant, however, the greater the digital transformation, the greater the associated digital risks. Thankfully, with the correct digital risk management, organizations can continue to safely embrace digital transformation while mitigating the byproduct of digital risks.