Over the course of the past 10 years, traditional application development methodology (waterfall) has given way in favor of the more agile DevOps-centric methodologies focused on continuous delivery and continuous deployment. This trend was turbocharged in 2013 when Docker containers came onto the scene and ushered in the proverbial crossing of the chasm in container adoption. A recent Tripwire study revealed that 87% of surveyed organizations had containers deployed in production.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. From time to time we hear stories of supply chain infections, and they tend to affect a low but still significant number of projects. A team though have gone a bit further in seeing how far they could take it. The results are sobering.

Service Organization Control 2 (SOC 2) is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It is designed to ensure service providers and third-party vendors are protecting sensitive data and personal information from unauthorized access.

Organizations are stretched thin managing increasingly complex environments and ever-expanding threat landscapes. At the same time, adversaries are becoming more organized and sophisticated, resulting in more complex and advanced threats. The current workflow in the Security Operations Center (SOC) – how data is analyzed and acted on – is simply not working. There are too many tools, not enough visibility, and burned-out analysts.

Being one of the most important practices in cyber security, vulnerability management is a rather involved process that requires your time and resources. In this article, we will take a closer look at how SOAR solutions can help you in the process of vulnerability management.

The agriculture sector is a staple of critical global infrastructure. We need food to survive as human beings, and a loss of access to these assets could be physically and emotionally detrimental to hundreds of millions of people. The sector is made up of numerous organizations that support critical functions such as growing crops, raising animals, and harvesting fish and other animals from a farm, ranch, or their natural habitats.

In a bid to entertain their customers, airports, coffee shops, shopping malls - and literally all public places- provide free Wi-Fi. And because the traffic in and around these places is exceedingly high, their Wi-Fi networks aren’t as secure as you’d imagine. For what it is worth, your privacy can never be sufficiently protected by a 5 or even 10-digit login password that you are given.

Industrial organizations face a growing list of digital threats these days. Back in April 2019, for instance, FireEye revealed that it had observed an additional intrusion by the threat group behind the destructive TRITON malware at another critical infrastructure.

There are a number of smart devices becoming commonplace in homes around the world, leading us closer and closer to the reality of smart homes, or houses that depend primarily on interconnected smart tech. Heating, lighting, and common appliances like doorbells, alarms, and entertainment devices are now increasingly being designed to operate on the internet of things (IoT).

The calculus for disaster recovery and risk management is changing. Most small businesses within the past decade would often keep many of their critical technology assets locally, perhaps in a server closet, or a centralized data center for multiple offices. They built their own “vault” of applications, databases, email, files, etc., often on a few physical servers they would be wholly responsible for maintaining and eventually upgrading or replacing.