Eight vulnerabilities were discovered in Zephyr’s Bluetooth LE Stack using Defensics Bluetooth LE fuzzing solution.

To say that the past year presented its fair share of cybersecurity challenges to the InfoSec community would be a drastic understatement. The rapid migration to remote work at scale left 80% of CIOs unprepared, and SecOps teams struggled to confront the evolving threat landscape with disparate toolkits and skill sets. Not to mention that as more organizations shifted to hybrid and multi-cloud environments at scale, cloud complexity (and cloud-based threats) skyrocketed.

Insurance companies know how to protect their clients’ homes, cars, and businesses— but protecting the personal information of those customers is a bit harder to assure. While the insurance industry focuses on risk-based analyses for its own underwriting programs, firms also need to apply those same risk management processes to securing customer information.

A SOC 2 system description outlines the boundaries of a SOC report. It contains pertinent details regarding the people, processes, and technology that support your product, software, or service. As a reminder, the SOC framework stands for System and Organization Controls. It is a broad architecture that organizations can use to audit the internal controls of vendors and business partners before entering a relationship with those firms, to assess whether those firms have a robust security posture.

President Joe Biden recently signed an executive order which made adhering to cybersecurity standards a legal requirement for federal departments and agencies. The move was not a surprise. It comes after a string of high-profile cyber-attacks and data breaches in 2020 and 2021. The frequency and scale of these events exposed a clear culture of lax cybersecurity practices throughout both the public and private sectors.

Endpoint security is a hot topic of discussion, especially now with so many businesses shifting to remote work. First, let’s define what endpoints are. Endpoints are end-user devices like desktops, laptops, and mobile devices. They serve as points of access to an enterprise network and create points of entry that function as gateways for malicious actors. Since end-user workstations make up a huge portion of endpoints, we’ll be focusing on their security.

Artificial intelligence (AI) and machine learning (ML) systems have become the norm for using client data to provide recommendations to customers. As more people are working from home and conducting business online, it is imperative that fraud detection software is used to protect user information. But these protective systems also utilize ML to automate the process and understand when a potential attack is taking place.

Snyk is excited to announce the general availability of Snyk Container as an officially supported and published extension in the AWS CloudFormation Registry! The CloudFormation Registry lets you manage the extensions that are available for use in your CloudFormation account. Public third-party extensions, like Snyk Container, are made available in the registry for use by all CloudFormation users alongside those published by Amazon and must be activated before use on your account.

Many businesses are shifting workloads to the cloud in an effort to increase efficiency and streamline workloads. In fact, according to the Flexera 2021 State of the Cloud Report, roughly 90% of enterprises anticipate cloud usage will expand even further as a result of COVID-19. While cloud computing can offer organizations a competitive advantage, it is important not to rush into cloud adoptions without understanding the risks involved as well.

In an ambitious leap towards improving the Nation’s security posture, President Joe Biden has instituted an Executive Order to improve cyber threat information sharing between the U.S Government and the Private Sector. The goal is to align cybersecurity initiatives and minimize future threats to national security by modernizing cybersecurity defenses in the United States.