According to Forrester, the number of permanent, full-time remote workers is expected to increase by 300 percent or more compared to pre-pandemic numbers. Amid the chaos surrounding the pandemic, getting your entire workforce back to the office seems trivial, especially when many employees’ work can be done remotely. It’s no wonder that, according to Gartner, almost half of employees will continue to work remotely post COVID-19.

If anyone has benefitted from the pandemic, it has been cyber attackers. As businesses expanded their investment in cloud resources and other IT resources in response to the pandemic, cyberattacks also dramatically increased. Businesses reported 445 million cyberattack incidents in 2020, double the rate for 2019. It didn’t have to be this way. With stronger threat intelligence solutions in place, many of the security incidents of 2020 could likely have been averted.

Spencer Pearlman, Security Researcher at Detectify, presented A Hacker’s Approach to Finding Security Bugs in Open Source Software in a partnered webinar with friends at Debricked. Securing modern web applications takes new approaches, and this includes looking at it from a hacker’s perspective. Here are highlights from the presentation on how tech teams can apply the same hacker mindset to discover vulnerabilities in open-source software in their tech stack.

DevSecOps has fundamentally changed the way in which organizations approach security in modern software development. The role of developer security champion was created to meet the need for security to be tightly integrated into DevOps and DevSecOps practices. Read on to learn more about what developer security champions are and how they help promote secure coding best practices as organizations work toward continuous integration and delivery.

We’re happy to share new beta features of Snyk Infrastructure as Code (Snyk IaC) inside the Snyk CLI, adding support for Terraform plan scanning, plus performance and security improvements.

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

This week, Collision (virtually) kicked off its annual conference, bringing together creatives, builders, influencers, innovators, and other great minds to cover some of the hottest topics in business and technology. Known as ‘America’s fastest-growing tech conference,’ this year Collision featured over 450 speakers with more than 100 hours of content to consume across the three-day event.

REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such as Sodin and Sodinokibi. REvil has gained a reputation for attempting to extort far larger payments from its corporate victims than that typically seen in other attacks.

Despite the fact that developers are more tech-savvy than your average employee, software developers and engineers are still susceptible to security threats. In fact, software developers are a very appealing target for hackers.