Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Detectify security updates for 4 September

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users.

AppSec Tools Proliferation Is Driving Investments to Consolidate

When it comes to application security (AppSec), it’s important to note that no one testing type can uncover every flaw. Each tool is designed with a different area of focus, along with various speeds and costs – so it’s necessary to employ a mix of testing types. A good way to think about AppSec testing types is to compare them to health exams. You wouldn’t have a cholesterol test and assume your annual physical was complete.

How to Detect Ransomware

The second most common type of malware incident is the notorious ransomware attack. According to the Verizon 2020 Data Breach Investigations report, the primary aim of a ransomware attack is “to disrupt operations badly enough and long enough that the organization will pay the ransom.” The average ransom payment in Q2 2020 was a whopping $178,254 — a 60% increase from Q1.

Fix now: High risk vulnerabilities at large, September 2020

Since the start of the pandemic we’ve been writing about the latest CVEs to look out for in our risk based vulnerability management blog. As we head into the Autumn and the nights begin to draw in, threat actors continue to exploit vulnerabilities the world over. Let’s take a look at some that have raised their profile in the last couple of weeks.

What are The Types of Dashboards in a SIEM Solution?

Dashboards are an integral component of any effective SIEM solution. After log data is aggregated from different sources, a SIEM solution prepares the data for analysis after normalization. The outcomes of this analysis are presented in the form of actionable insights through dashboards. Many SIEM solutions come with pre-configured dashboards to simplify the onboarding process for your team. Besides, an ideal solution should also allow an organization to customize dashboards as per its requirements.

Why Patch Management Is Important and How to Get It Right

Many software developers tend to see patch management as another tedious security task that gets in the way of the development process. However, considering Forresters’s recent State of Application Security Report for 2020 predicted that application vulnerabilities will continue to be the most common external attack method, patch management is a critical part of the vulnerability management process that organizations can’t afford to neglect.

Why Network Peering & Interconnections Matter

In previous blogs on the Netskope NewEdge network, we’ve discussed concepts including Secure Access Service Edge (SASE) architecture and why counting data centers alone is meaningless when trying to understand cloud service coverage. Now that we’ve laid the foundation it seems like a good time to get into what’s needed in terms of architecting the actual network and the connections required.

Celebrate Open Source Day with Gravitons on September 4th!

I was going through a row of photography books in an antique store when I got a call from Bucky Moore, our lead investor and a board member. “Let me know if you need anything from me. This is getting serious,” he said. He seemed concerned. It was Sunday, March 22nd, right after the shelter in place order went in effect here in California. The next day, COVID-19 was no longer just in the news, it was everywhere.