Every organization is adopting the cloud, but there are some companies that are reaping a larger number of benefits from cloud transformation than others. Making an effort to adopt the cloud is simply not enough to realize the benefits. The organization that prepares for efficiently managing risk will be able to capture a larger percentage of the benefits than one that has not.

We just recently unveiled the industry’s first mobile endpoint detection and response (EDR) solution. This is an industry game changer as we are providing the same tools the Lookout security researchers use to hunt for novel threats to our customers to investigate cyberattacks. If you want to learn more about how we did it, I strongly encourage you to read our Chief Strategy Officer Aaron Cockerill’s blog on the announcement.

The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations were in the early stages of an IT-OT convergence. Some said their organizations were embracing this meeting more fully. This finding begs several questions. Why are IT and OT converging?

Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled 7% in 2018 to 20% a year later. This growth made cloud services the third most-targeted environment after corporate and e-commerce at 54% and 22%, respectively. These trends highlight the need for organizations to secure their cloud environments.

Nightfall Data Loss Prevention (DLP) is now available as a CircleCI orb. CircleCI orbs are reusable snippets of code that help automate repeated processes, speed up project setup, and make it easy to integrate with third-party tools. With the Nightfall DLP orb, you can scan for sensitive items and prevent developers from accidentally committing sensitive information. We’re excited to announce our launch with CircleCI and share what you can do with the Nightfall DLP orb.

In our previous article we talked about Synthetic Monitoring—a technique used to automate the testing and monitoring of resources by performing simulated user interactions and API calls. Now we're going to look at a complimentary technique called real-user monitoring which takes a more passive hands-off approach.

With recent global health events resulting in a surprise shift to an either completely remote or hybrid remote workforce for many organizations, the need to leverage mobile devices as work endpoints has grown significantly. This has created challenges for IT in maintaining both the ability to manage a wide range of devices, as well as securing them in a way that achieves corporate security objectives and governance.

When AT&T Incident Response Consultants first engage a client during a ransomware incident, the situation is often very chaotic. The client's ability to conduct business has stopped; critical services are not online, and its reputation is being damaged. Usually, this is the first time a client has suffered an outage of such magnitude. Employees may wrongly fear that a previous action is a direct cause of the incident and the resulting consequences.

Whether it’s a security assessment, a vulnerability scan, a red team or a pen test – What’s common? To identify issues and mitigate them from an organizational risk perspective. This article is aimed at weeding out various confusions from the readers mind. Stock up your caffeine, we are going to cover these areas under this topic.

While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8566) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8566 if you created a Kubernetes cluster using ceph cluster as storage class, with logging level set to four or above in kube-controller-manager. In that case, your ceph user credentials will be leaked in the cloud-controller-manager‘s log.