When you think about how to automate processes within the IT industry, your mind probably goes first to tools. After all, the past decade has witnessed an explosion of tools from across the industry that promise to make it easy to automate virtually every aspect of IT operations — from low-code development solutions that automate coding, to release automation tools for applications, to automated monitoring and security platforms.

One of the major buzzwords when talking about cyber incident response is playbooks, advanced workflows with specific actions tailored to deal with and respond to cyber incidents. Over the past few security conferences, I have noticed something of a trend emerging that centers on the uncertainty and hesitance that some incident response teams have regarding the use of playbooks and, in particular, around the notion of automation in incident response.

Here’s an obvious statement for you: mobile applications are essential to how we go about our lives. From sharing files with colleagues to managing finances and connecting with family and friends, they seem to be able to do everything we need. But here’s the catch: developers rarely build apps from scratch and security is not typically their top priority. To quickly add features, they often rely on prepackaged code known as software development kits (SDKs).

The work-from-anywhere economy has opened up the possibility for your human resources team to source the best talent from anywhere. To scale their operations, organizations are leveraging the cloud to accelerate essential HR functions such as recruiting, onboarding, evaluating and more. SAP is leading this HR transformation with its human capital management (HCM) solution, SAP SuccessFactors.

The emerging Cybersecurity Maturity Model Certification (CMMC) will mandate nearly the entire federal government supply chain and over 300,000 contractors to get audited and certified against the CMMC protocol. The caveat is that some organizations that build Commercial-Off-The-Shelf items or Commercially Available Off-The-Shelf (COTS) products for the Department of Defense (DoD) do NOT require a CMMC certificate . However, the devil is in the details!

On August 21, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released an urgent notice related to the exploitation of ProxyShell vulnerabilities ( CVE-2021-31207 , CVE-2021-34473 , CVE-2021-34523 ). By chaining these vulnerabilities together, threat actors are compromising unpatched Microsoft Exchange servers and gaining footholds into enterprise networks.

Invisible application security is the concept of integrating and automating AppSec testing with little interruption to developer workflows. I really love the keyless entry system on my car. The “key” is not a key in the traditional sense; all I have to do is put it in my pocket and forget about it. When I reach for the car door handle, it simply unlocks. When I leave the car, I wave my hand over the handle to lock the car.

On August 5, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) announced the standup of the Joint Cyber Defense Collaborative (JCDC) , a new agency effort to lead the development of cyber defense operations plans.

Endpoint security technologies are vitally important in today's world of remote work. Hackers are finding new vulnerabilities to attack constantly. Here are 5 endpoint security technologies to defend against cyber threats.

Slack as a product is constantly expanding with new functionality and integrations. Slack Connect is among the most popular new features Slack introduced in the past year and is growing in popularity because it’s an easy way to stay connected with people you work with outside your organization — in real time with all the features that Slack offers. ​​As new improvements or upgrades for Slack are released, data security and compliance should be a top concern for your teams.