PCI DSS compliance ensures your customer’s credit card data is protected from hackers and compromise attempts. Though complying with this regulation isn’t easy, it is possible. To simplify this essential effort, we’ve compiled a checklist of the key security metrics that should be addressed to meet the compliance requirements of this critical information security standard.
NIST compliance is mandatory for any entity and service provider processing Controlled Unclassified Information (CUI) on behalf of the US Federal Government. Given the substantial risk to national security if this sensitive data is exploited and the high potential of its compromise through supply chain attacks, the range of organizations expected to comply with this cybersecurity regulation is intentionally broad.
Microsoft continues to develop, update and improve features to monitor and prevent the execution of malicious code on the Windows opearting system. One of these features is AppLocker. This feature advances the functionality of software restriction policies and enables administrators to create rules to allow or deny applications from running based on their unique identities (e.g., files) and to specify which users or groups can run those applications.
The world of software development moves fast, and it's constantly evolving. Containerization technologies, especially Docker, are among today's most preferred virtualization technologies. Although Docker containers are "sufficiently" secure by default, configuration errors in a Dockerfile might lead to critical security risks or degraded system performance.
AT&T Cybersecurity is pleased to announce a code-free way for our USM Anywhere customers to make their own API-driven log collectors and custom parsers. This big advancement in threat detection and response technology will make it possible for customers to collect information from a much larger variety of sources and SaaS services without having to request new integrations or log parsers.
The southern African nations of Lesotho and Namibia have newly begun programs for users to re-register their SIM cards with their biometrics and digital IDs, adding them to the list of newly joined countries adapting to the new norms in Africa. South Africa is also set to schedule biometric SIM registration, with further plans to push ‘ID4Africa’ as a type of incentive-based identity enrollment approach for governments.
In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, CrowdStrike’s Endpoint Protection Content Research Team discusses how threat actors have used legitimate third-party drivers to bypass the visibility and detection capabilities of security mechanisms and solutions.
Whether you’re learning cloud-native workload protection for the first time or running all your microservice workloads in production, you probably already noticed that cloud-native security is much different from security design used for traditional monolith applications. The dramatic increase in complexity and the evolving threat landscape make cloud and container security even more critical and harder to manage.
Today we’re announcing a new container security cheat sheet and report — created in collaboration with our partner Sysdig. Download cheatsheet In this post, we’ll outline tips to help you successfully navigate the challenges of container security with a focus on three core principles: Traditional security approaches are incapable of handling the distributed and ephemeral nature of containers.
