Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Twistlock Acquisition: An Analysis of Palo Alto Networks' strategy

Congratulations Twistlock! One of the best signs of an emerging market is when existing, massive players are willing to put hundreds of millions of dollars on the line to get into that market right now. Given today’s Twistlock acquisition by Palo Alto Networks, and other recent acquisitions like Heptio/VMware, we believe this is happening in the cloud-native market. Congratulations to Twistlock on their success.

Docker and Kubernetes in high security environments

Container orchestration and cloud-native computing has gained lots of traction the recent years. The adoption has increased to such level that even enterprises in finance, banking and the public sector are interested. Compared to other businesses they differ by having extensive requirements on information security and IT security. One important aspect is how containers could be used in production environments while maintaining system separation between applications.

Data-first Culture + Employees = Better CX

There’s a lot of talk about the ability of AI and machine learning to augment digital transformation journeys by creating better customer experiences and empowering employees to make decisions using data. However, IT and business leaders can sometimes face analysis paralysis when confronted with this topic because it means something different for every business – and it means shifting an entire company culture towards a new way of working. One key shift is making use of machine data.

How to build a home IT security lab: Episode 1

Hello all and welcome to the first episode of a new blog series focused on how to prevent WordPress site hacks. In this first post of the series, I will provide videos and articles that will comprise a set of tutorials to show you the ins and outs of building a home lab that will give you the flexibility to test, hack, or learn just about anything in IT.

Fitting automated security throughout the CI/CD pipeline

As companies compete with how fast new features and products can be released on the digital market, a byproduct of DevOps could be the neglect of sufficient and consistent information security throughout the pipeline – yes that means from start to the next improvement. Sure, automated security testing in production is a given, but what about during build and testing in the Continuous Integration and Continuous Delivery (CI/CD) Pipeline?

APRA Prudential Standard CPS 234: Information Security

According to the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study, 90 percent of Australian companies report that they receive up to 5,000 cyberthreats per day. For cybercriminals, Australia’s superannuation funds, banks, and insurers make for attractive targets. It is essential that these industries can protect and secure their data, including the data of their clients and customers, and respond quickly and robustly if a critical cyber-attack occurs.

How to Secure Your Information on AWS: 10 Best Practices

The 2017 Deep Root Analytics incident that exposed the sensitive data of 198 million Americans, or almost all registered voters at the time, should remind us of the risks associated with storing information in the cloud. Perhaps the most alarming part is that this leak of 1.1 terabytes of personal data was avoidable. It was simple negligence.

The Language of Risk: Bridging the Disconnect between the C-Suite and Cyber Security Experts

With data breaches regularly marking the headlines, it is no surprise that digital threats constitute an increasingly significant concern for the C-Suite and cyber security experts. What is surprising, however, is that these two groups don’t seem to share the same view of information security. They have different opinions when it comes to the digital threat landscape in general as well as their organization’s level of preparedness in particular.