Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Snyk and Bitbucket best practices cheat sheet

As the partnership between Snyk and Atlassian continues to grow, we decided to put together a best practices cheat sheet to help you make the most of our integration with Bitbucket. This will help you use Bitbucket more securely to manage and store your code, as well as continuously monitor your code and dependencies for potential vulnerabilities using Snyk. Here are the seven best practices we’ll discuss in this post:

One SIEM is not enough?

The idea behind the SIEM (and now XDR!) technologies was to provide a single engine at the heart of the SOC, aggregating data, enabling analytics and powering workflow automation. The SIEM would act as one place to train analysts and integrate a range of complementary technologies and processes. Given the efficiency that comes from centralization, I was surprised to hear that a growing number of defenders are actually using two SIEMs. Why is that?

CrowdStrike Falcon Enhances Fileless Attack Detection with Intel Accelerated Memory Scanning Feature

CrowdStrike is introducing memory scanning into the CrowdStrike Falcon sensor for Windows to increase visibility and detect in-memory threats, adding another layer of protection against fileless threats. In recent years, threat actors have increased their dependence on fileless or malware-free attacks.

Cybersecurity at the Tactical Level: The Importance of StateRAMP

Here in the United States, we often focus on the cybersecurity readiness of the federal government. The reality is that state and local government departments are just as vulnerable to cyber attacks, if not more so. Nearly one quarter of their employees use personal devices for work, where security teams have little visibility, enabling threat actors to execute phishing and other malicious activities. These risks will only continue to grow as in-person services continue remotely.

Why MSPs Should not Apply MFA Solutions Blindly

Microsoft engineers shared that 99.9% of compromised accounts forgot to turn on MFA. Despite so many warnings and proof of the efficacy of MFA, an M365 security report by Coreview reveals that 78% of M365 administrators do not have MFA activated. Isn't that crazy? It's not always perfect (phishing, social engineering and password brute-force attacks, device theft etc.); nevertheless, it is clearly better than not having it. However, if not implemented with care, it can create headaches for MSPs.

Nightfall and Hanzo Partner to Deliver World-Class Data Classification as Part of Enterprise e-Discovery

We’re pleased to announce that Nightfall is partnering with Hanzo, a best-in-class enterprise e-discovery and investigations platform. Hanzo’s offerings, now powered by Nightfall DLP, include Nightfall’s machine learning detectors as part of Hanzo’s core functionality.

US legislation brings mandatory cyberattack and ransomware reporting one step closer

The US Senate has passed legislation designed to improve the cybersecurity of the Federal Government. The legislation, which consists of three bills, was unanimously passed by the Senate on Tuesday evening, and would – amongst other things – require organisations working in critical industry sectors to alert the US Government about hacks and ransomware attacks.

What is Kubectl?

In the last few years, Kubernetes has grown exponentially in popularity. Its wide adoption can be attributed to its open source nature, flexibility, and ability to run anywhere. Developers also love the fact that you can manage everything in Kubernetes using code. kubectl is the Kubernetes-specific command line tool that lets you communicate with and control Kubernetes clusters. Whether you’re creating, managing, or deleting resources on your Kubernetes platform, kubectl is an essential tool.