Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

cyberark

Reshaping IGA for the Modern Enterprise: Welcome Zilla Security to CyberArk

Feb 14, 2025 By Matt Cohen In CyberArk
This week, we announced an important development in our journey to deliver the industry’s most powerful, comprehensive identity security platform. CyberArk has acquired Zilla Security, a leader in modern Identity Governance and Administration (IGA) solutions, bringing their cutting-edge, AI-powered technology into the fold of our industry-leading platform.
Read Post
vanta

The startup guide to making your first security hire

Feb 14, 2025 By Vanta In Vanta
As a startup founder, it can be difficult to know when it’s time to expand your team. Sales and engineering were likely your top priority hires to fuel your product development and growth. But knowing where to focus next is often murky for early-stage startups. As you build your company, it becomes increasingly clear that security and compliance are vital parts of a successful business, but hiring for them can feel like a luxury instead of a necessity. ‍
Read Post
vanta

The risks of waiting on compliance

Feb 14, 2025 By Vanta In Vanta
Startup founders constantly face competing demands as they build and scale their businesses. Engineering, product design, and sales all have legitimate claims to be the most urgent priority and sole focus of attention. ‍ These pressures lead many founders to defer security and compliance investments until later. With small teams and limited financial resources, founders top priorities are building their product and acquiring their first customers.
Read Post
knowbe4

New Research: Ransomware Data Extortion Skyrocketing

Feb 14, 2025 By Stu Sjouwerman In KnowBe4
Data theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire. These incidents have become a routine part of ransomware attacks, since the threat of a data breach puts additional pressure on victims to pay the ransom. Ransomware gangs published stolen data on leak sites more than 2,200 times during Q4 2024. The finance and insurance industry saw the sharpest rise in data theft extortion last quarter.
Read Post
Corelight

Understand and detect MITRE Caldera with Zeek

Feb 14, 2025 By Keith J. Jones In Corelight
MITRE’s Caldera is a cybersecurity platform developed to simulate adversarial tactics, techniques, and procedures (TTPs). Built upon the MITRE ATT&CK framework, Caldera is an open-source tool designed to help cybersecurity professionals and organizations assess their defenses, uncover vulnerabilities, and enhance their overall security posture. By emulating real-world cyber threats, Caldera enables blue teams to test detection and response mechanisms under realistic conditions.
Read Post
graylog

Using MITRE ATT&CK for Incident Response Playbooks

Feb 14, 2025 By Jeff Darrington In Graylog
A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. MITRE ATT&CK Framework outlines the tactics and techniques that threat actors use during different stages of an attack.
Read Post
securitysenses

Testing Authorization Policies in CI/CD Environments: Best Practices

Feb 14, 2025 By SecuritySenses In SecuritySenses
When you're nearing bringing a new update to production, you may rather not want to realize that everyone and anyone has complete open access to sensitive data, just before you're about to deliver the update. Misconfiguring or properly not configuring an authorization policy could lead to a scenario just like that. Things move fast in the CI/CD environment, with code changes and constant deployments, so it's not hard to see how a security mistake can slip under the radar. But when it does, you can expect security breaches, regulatory violations, and huge losses, are swiftly follow. And you definitely want to prevent those.
Read Post
securitysenses

How to Maintain Network Security During a NetSuite Implementation

Feb 14, 2025 By SecuritySenses In SecuritySenses
NetSuite is one of the most secure Enterprise Resource Planning (ERP) software systems available, including multi-factor authentication and token-based application authentication. However, implementing NetSuite is often a long process that can entail numerous contractors and other parties working within your system. During the transfer and adjustment period, you must take extra care with your data security to ensure that everything is moved properly and no data is lost. Today, we'll explore how you can ensure that your data is safe during this critical transition period.
Read Post
securitysenses

IT Staffing Challenges for MSPs: How to Build a Skilled and Secure Workforce

Feb 14, 2025 By SecuritySenses In SecuritySenses
Managed Service Providers (MSPs) are playing an increasingly critical role in handling IT operations, cybersecurity, and cloud infrastructure for businesses. This reliance has created a demand for highly skilled professionals capable of maintaining security, managing networks, and adapting to evolving technologies. However, MSPs face significant challenges in attracting and retaining top IT talent, making workforce stability a pressing concern.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.