At Outpost24, we’re committed to providing information security testing solutions to not only fit seamlessly into the SDLC, but also to enhance our customers’ experiences in implementing and maintaining their best practices to ensure their SDLC leads to a strong security posture and comprehensive resiliency around their full stack.
As more and more businesses were forced to move to the cloud with the COVID-19 crisis, content and data have proliferated across devices, users, apps, and locations as a result of the new, mass work-from-anywhere reality. This brought a growing set of challenges to prevent data silos and content sprawl while remaining compliant with data regulations and governance.
Data stream clustering refers to the clustering of data that arrives continually such as financial transactions, multimedia data, or telephonic records. It is usually studied as a “Streaming Algorithm.” The purpose of Data Stream Clustering is to contract a good clustering stream using a small amount of time and memory.
Defensics is a generational fuzzer, which means it creates test cases based on a detailed model of the input data. The result: test cases that are very realistic but messed up in some way. This technique is highly effective in burrowing into different control paths in the target and revealing vulnerabilities. Subjectively speaking, the test cases have high quality. The disadvantage of generational fuzzing is that somebody has to create the data model for the inputs you are fuzzing.
The number of cyberattacks launched on organizations continues to rise every year. More attacks means more security alerts that security analysts have to triage each day. Many security teams have turned to a security orchestration, automation and response (SOAR) tool to help them automate the ever-increasing volume of security alerts, and respond to threats faster and more comprehensively.
Most modern software today has moved aggressively into using third-party open source dependencies to reduce duplication and accelerate development by using pre-existing code.
Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet. Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well as the current pandemic, VPN has become an even hotter topic and is being marketed as a critical security solution.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cybersecurity in remote work, this week we explore the concept of the Zero Trust model in cybersecurity.
According to McAfee, Adaptive Threat Protection (ATP) is an endpoint security’s optional module that analyzes organizational content and decides action based on file rules, reputation, and reputation thresholds. According to another source, the ATP is a security model that monitors threats, improves cybersecurity risks changes, and evolves to meet the need for security systems that are integrated with IT for continuous deployment, as well as in hybrid environments and the virtual cloud.
Every organization needs to keep tabs on other players in the industry in order to stay competitive. It’s common for an organization to analyze a competitor’s website, perform secret shopping trips, and monitor a competitor’s marketing strategies. This type of competitive research is perfectly legal. But if an organization unlawfully obtains another company’s sensitive information, it is considered industrial espionage, which is illegal.
