Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

What is NIST SP 800-171? Tips for NIST SP 800-171 Compliance

NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (NIST SP 800-171 or NIST 800-171), provides federal agencies with a set of guidelines designed to ensure that Controlled Unclassified Information (CUI) remains confidential and unchanged in nonfederal systems and organizations.

5 Ways Your Organization Can Ensure Improved Data Security

Each year on January 28, the United States, Canada, Israel and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take action in an effort to respect privacy, safeguard data and enable trust. In observance of Data Privacy Day this year, here are five recommendations through which organizations can bolster their data security efforts.

It's Data Privacy Day Today...and Every Day

Today is Data Privacy Day, an event sponsored by the National Cyber Security Alliance. The intent is to promote awareness and best practices for how citizens should think about security and how it relates to their data, their organizations, and ultimately, our nation. At a time when we transact with all manner of data in so many form factors, we are inclined to overlook the importance of measures that keep our data and content safe.

Consuming Webhooks with Node.js and Express

Have you ever been building an application and thought: "I can make requests to this service's API, but is there a way for them to let my app know when X happens? You could try calling the API on a set interval. Take the response, compare it to the last, and go from there. This is polling, but it is inefficient and can be an easy way to hit rate limits. Instead, some APIs and services offer what's known as a webhook. Instead of contacting them, they contact you.

Using Auditbeat to protect your critical infrastructure

Beats are lightweight, purpose-built agents that acquire data and then feed it to Elasticsearch. Beats use the libbeat framework that makes it easy to create customized beats for any type of data you’d like to send to Elasticsearch. Auditbeat is a lightweight shipper from the Beats family that you can install on your servers to audit the activities of users and processes on your systems.

IBM and Sysdig team up to extend security governance with IBM Cloud Pak for Multicloud Management

Sysdig, an industry leader for monitoring and security of cloud-native workloads, and IBM have joined forces to bring a fully Integrated powerful platform that delivers the security and performance that enterprises need in today’s multi-cloud world. Sysdig Secure and the IBM Cloud Pak for Multicloud Management (MCM) can help you accelerate Kubernetes and cloud adoption by addressing security and regulatory compliance from the start on enterprise hybrid cloud environments.

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity practice, it is critically important to have this level of understanding across large swaths of the workforce, from the senior level to operations teams.

The Outcomes of SIEM and SOAR in 2019 (Part 2)

Integration is one of the most critical features that every security product should have. But, unfortunately, this is not a case when it comes to too many traditional security tools. The organizations that were using SIEM with having integration capability remained secure to a large extent. For example, an effective SIEM can inject Threat Intelligence Feeds (TIF) from multiple different sources.

Brexit and the GDPR - what the EU Withdrawal Agreement means for data protection in the UK

Following a long period of political turmoil, the UK government’s Brexit withdrawal bill has completed its passage through the House of Commons and received royal assent. While this deal is merely the starting point of the Brexit process, it sets into motion an intensive period of trade negotiations which, regardless of whether a deal is agreed or not, could have a significant impact on the way that UK organisations operate.