Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Emerging Public Cloud Security Challenges in 2020 and Beyond

According to last year’s Gartner forecast, public cloud services are anticipated to grow to $USD 266.4 billion by the end of this year, up from $USD 227.8 billion just a year ago. Clearly, cloud computing is making its way to cloud nine, (See what I did there?) leveraging the sweet fruits of being in the spotlight for a decade. However, the threats to public cloud security are growing at the same rate.

Best Tools for Building Your DLP Tech Stack

Most organizations are aware that data loss prevention must be a top priority – but few understand how different tools and policies must be leveraged in combination to create complete, 360-degree protection for critical data. Data loss prevention (DLP) has traditionally focused on securing data on devices – laptops, phones, and internal company networks.

The Second Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the second in a series of posts about the four steps that highlight some of the most important concepts. The first post covered Step 1, which is about establishing a foundation of centralized, scalable visibility. This post excerpts Step 2, extracting intelligent insights from your data.

AppSec Decoded: The consequences of insecure IoT devices

Watch the latest video in our AppSec Decoded series to learn why manufacturers should consider building security into their IoT devices. Application Security Decoded: Manufacturers should build security into their IoT devices | Synopsys - YouTube An error occurred. Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.

IT security under attack blog series: Instant domain persistence by registering a rogue domain controller

In this blog in the IT security under attack series, we will learn about an advanced Active Directory (AD) domain controller (DC) attack to obtain persistence in AD environments. Dubbed DCShadow, this is a late-stage kill chain attack that allows a threat actor with admin (domain or enterprise admin) credentials to leverage the replication mechanism in AD to register a rogue domain controller in order to inject backdoor changes to an AD domain.

What is Third-Party Risk Management?

Creating and maintaining relationships with third parties brings about multiple risks. Whether your organization is large or small, it’s almost certain that you have business relationships with many third parties for specific types of operations. When operational data and confidential information are exchanged with third parties, that data and information are vulnerable to misuse and exploitation. This is where risk comes into the equation.

SIEM Solutions and Data Protection Compliance

Security Information and Event Management (SIEM) systems are vital to each organization. They transform simple event logs from various applications to detailed, in-depth behavior analysis thanks to advanced visualizations and analytics and sometimes machine learning and AI. They contain a palette of aspects covering the most crucial information security issues.

Using Open Policy Agent for cloud-native app authorization

How companies like Netflix, Pinterest, Yelp, Chef, and Atlassian use OPA for ‘who-and what-can-do-what’ application policy. In the cloud-native space, microservice architectures and containers are reshaping the way that enterprises build and deploy applications. They function, in a word, differently than traditional monolithic applications.

Here Comes 2021: 5 Safe Bets and 5 Long Shot Predictions

As we learned in 2020, vendors predict, and the universe laughs. But this year we polled our experts at Netskope to get their view of the year to come. Here’s how we see 2021 shaping up for networking and security, in the form of some pretty safe bets, and some harder calls. As more organizations consolidate and move away from appliance-based security technologies, IT and security teams will realize the cost savings and operational efficiencies the move to cloud brings.

State of Software Security v11: Key Takeaways for Developers

We recently released volume 11 of our annual State of Software Security (SOSS) report, which analyzes the security activity and history of applications Veracode scanned during a one-year period. Giving us a view of the full lifecycle of applications, that data tells us which languages and vulnerabilities to keep an eye on, and how factors like scanning frequency can impact your remediation time.