Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Write Code That Protects Sensitive User Data

Sensitive data exposure is currently at number 3 in the OWASP Top 10 list of the most critical application security risks. In this blog post, we will describe common scenarios of incorrect sensitive data handling and suggest ways to protect sensitive data. We will illustrate our suggestions with code samples in C# that can be used in ASP.NET Core applications. OWASP lists passwords, credit card numbers, health records, personal information and business secrets as sensitive data.

Back to school? Secure your Chromebooks!

Here at Lookout, we spend a lot of time talking about how best to secure tablets and smartphones. That’s because they dominate our lives. But as some of our daily routines continue to stay virtual and our kids return to school, the importance of securing Chromebooks has become top of mind. Chromebooks have become an essential tool for schools that transitioned to distance learning in the spring.

Report: No Organization's Security Culture Has Received 'Excellent' Score

Security culture matters to executives, but these individuals are struggling to implement it. In a November 2019 study commissioned by KnowBe4, 94% of individuals with managerial duties or higher in security or risk management said that security culture was important for their organization’s success.

Innovation in clinical genomics starts with DLP for Boston Lighthouse

Boston Lighthouse Innovations is a start-up that offers a clinical genomics solution suite with processing and reporting workflows for patient diagnostics. The nine-person team grew out of Massachusetts General Hospital’s molecular pathology department, which uses genetic data to diagnose cancer.

BSIMM11: Tracking the cutting edge of software security initiatives

The Building Security In Maturity Model (BSIMM)—the annual report on the evolution of software security initiatives (SSIs)—is gaining some maturity itself. The latest report, which went public this week, is the 11th iteration. Some things haven’t changed. The fundamental goal remains what it was at the start, more than a decade ago.

When It Comes to Security of the Platform, We Mean Business. Here's How.

At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

Preparing for Zero Trust and planning your strategy

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

The Migration From PA-DSS to SSF: Everything You Need to Know

Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional and modern payment software.

43% of Orgs Think DevOps Integration Is Critical to AppSec Success

It’s no secret that the rapid speed of modern software development means an increased likelihood of risky flaws and vulnerabilities in your code. Developers are working fast to hit tight deadlines and create innovative applications, but without the right security solutions integrated into your processes, it’s easy to hit security roadblocks or let flaws slip through the cracks.

Using the Cost of a Data Breach to Maximize Your ROI on Your Security Tools

The 2020 Cost of Data Breach report from IBM and the Ponemon is out. It provides a detailed analysis of causes, costs and controls that appeared in their sampling of data breaches. The report is full of data, and the website allows you to interact with its information so that you can do your own analysis and/or dig into aspects relevant to you and your industry.