Late December 2021: A company coming off a record year for revenue growth was preparing to ramp down for a week to celebrate the December holidays. However, unbeknownst to the company, just a few days prior, one of its longest-serving employees had been recruited by a ransomware group. The employee had responded to a posting on a computer hacking forum asking for access to corporate networks in return for cash payouts.

You’ve probably seen the term AIOps appear as the subject of an article or talk recently, and there’s a reason. AIOps is merging DevOps principles with Artificial Intelligence, Big Data, and Machine Learning. It provides visibility into performance and system data on a massive scale, automating IT operations through multi-layered platforms while delivering real-time analytics.

This article is the first in a series that will discuss some of the most common issues with HTTP security headers, which are often relatively easy to implement and can have a significant impact on the overall security posture of your application. We’ve previously talked about the proactive and reactive styles of application development and security testing. In this article, we discuss HTTP headers which are a common misconfiguration.

Passwords have been the long-time guardian of our personal lives and data ever since the dawn of the internet. Though passwords might still retain most of their relevance, they are not robust enough to protect today’s digital economy.

This blog was written by an independent guest blogger. There are more online stores and services available than ever, and you are able to shop for almost anything online whether it's groceries or insurance. There are many ways to protect yourself while browsing the internet, and one of those ways is to choose reputable businesses with strong security. Although there are standards for online businesses to follow, some have better safety measures in place than others.

As our online lives become subject to new and evolving threats, we’re doubling down on protecting the digital privacy and peace of mind of everyday people – at home and at work. 1Password has raised $620 million (USD) in the largest funding round ever for a Canadian company. Our latest round was led by ICONIQ Growth, with participation from other wonderful partners including Accel, Tiger Global, Lightspeed Venture Partners, and Backbone Angels.

The Cambridge Dictionary defines a policy as: “a set of ideas or a plan of what to do in particular situations that has been agreed to officially by a group of people, a business organization, a government, or a political party.” And in the context of software development, your organization may have some rules about how a policy is built, configured, deployed, and used. Some examples of software policies include.

How prepared is your business to fend of bad actors seeking to infiltrate your network systems and breach your data? Imagine, if you will, the following scenario: It’s 5:30 am, and an employee has just clicked a malicious link in a phishing email. An attacker, armed with ransomware, has just gained access to your enterprise.

The increasing number of yearly reported data breaches and new critical vulnerabilities, such as log4j, impacting both small and large businesses shows that cyberthreats are real and targeting everyone. You can minimize risk by implementing runtime security and having an incident response plan in place to contain attacks. But, in container environments, responding fast to incidents is challenging.

On Jan. 15, 2022, a set of malware dubbed WhisperGate was reported to have been deployed against Ukrainian targets. The incident is widely reported to contain three individual components deployed by the same adversary, including a malicious bootloader that corrupts detected local disks, a Discord-based downloader and a file wiper. The activity occurred at approximately the same time multiple websites belonging to the Ukrainian government were defaced.