News reports on attacks on the “supply chain” are becoming an almost every-day occurrence. First there was SolarWinds, then Kayesa, followed by countless other large and small supply chain attacks. Global businesses, economies, and lives are intricately connected to each other through applications and the internet. When critical systems are attacked and operations are affected, the downstream problems quickly become apparent.

Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

Discover what CIEM Security is and how easy it is to implement with Sysdig Secure for cloud. Over-permissioned accounts and roles is the most common cloud service misconfiguration security problem. Implementing least privilege is a crucial best practice to avoid or mitigate risks of data breaches and contain privilege escalation and lateral movement.

Snyk Code has had a tremendous 2021. It started the year supporting three languages — Java, JavaScript, and TypeScript — and has since added Python, C#, PHP, Ruby, and Go. More languages and features are on the horizon, and in this article, we’re happy to announce the addition of Swift and Salesforce’s Apex support, as well as API and GraphQL security. Let’s get into it!

This August we commissioned a survey of over 1,400 senior IT decision-makers and business executives in the US, UK, and Canada. Our initial publication of the findings dug deep into their thoughts and attitudes on many issues, including nation-state attacks and hybrid work. In addition, however, our survey featured several questions on cyber insurance. So in this article, we’ll provide the cyber insurance insights shared by the survey respondents.

Sumo Logic is constantly improving our Cloud SIEM solution to meet the needs and demands of our current and future customers and help them modernize their security operations. Via our cloud-native platform, our engineers perform continuous delivery of product features and improvements to all Cloud SIEM customers—simultaneously—several times each week.

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really thought about. This control serves as a reminder that this technology is as critical as it ever was and lays out the minimum requirements for ensuring your malware defenses are up to the task.

Proper implementation of a user and entity behavior analytics (UEBA) tool can solve lots of cybersecurity challenges by detecting well-hidden and slowly executed attacks, automating the analysis of alerts and logs, and speeding up incident investigation. It can even help you improve employee productivity. But implementing a UEBA solution also requires a lot of time and effort along with a clear understanding of how you are going to use it.

A successful breach can do serious damage to a business, costing a company millions of dollars in lost revenue, exposed intellectual property, downtime, reputation loss and fines. The right practices can help keep a company safe — but only if they know what threats to look for, and where their network is weakest. Cyber threat intelligence is the process through which companies identify weaknesses in their own networks.