As the only cloud-native logging and security analytics platform that enables organizations to take full advantage of all of their data to run and secure their business, Devo is committed to working with other leading security technology providers to bring advanced capabilities to our customers. That’s why we’re pleased to announce an integration with Google Cloud IDS.

Technology is always changing, and as it does, businesses are constantly adopting new technologies to streamline their business processes and improve deliveries of goods and services. With those new technologies, however, comes risk. Every new technology opens up a business to digital threats. Sometimes those threats come from the untested nature of leading-edge technology, and sometimes those threats are simply associated with the learning curve of users within an organization.

Data leaks can happen in many ways, and they’re surprisingly common. For example, a company might be hacked by cybercriminals; someone may lose their laptop with sensitive information; employee records could get lost during the relocation process. It doesn’t take much for sensitive information to get into the wrong hands. In fact, research has found that more than half of all data leakages come from human errors like typos and lost files.

If you are working in the Java ecosystem and building your applications with an older Maven version, this message is for you. Check your Maven version by typing mvn -version! If you are still running on an old Maven version like 3.6.3 or below you definitely need to upgrade to version 3.8.1 because of security reasons. Be aware that to run Maven 3.8.1, Java 7 is required. Luckily we found out in the JVM Ecosystem report 2021 that not many people work with Java 6 or below.

Physical penetration tests are meant to simulate real-world scenarios to help assess the vulnerabilities and risks that could compromise a company’s physical security. Specialists often carry them out in this field who know how to access sensitive information, bypass controls, intercept network traffic and EM waves and more! Physical penetration testing is a vital part of any company’s security.

UPnP (Universal Plug and Play) is a service that allows devices on the same local network to discover each other and automatically connect through standard networking protocols (such as TCP/IP HTTP, and DHCP). Some examples of UPnP devices are printers, gaming consoles, WiFi devices, IP cameras, routers, mobile devices, and Smart TVs. UPnP can also modify router settings to open ports into a firewall to facilitate the connection of devices outside of a network.

On May 12, 2021, President Biden announced an executive order to improve the nation’s cybersecurity. The order, which outlines security initiatives and timelines, calls for the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) to enhance the security of the software supply chain.

There are many important factors to consider when choosing a cloud provider for your cloud use cases. For organizations in heavily regulated industries, compliance with relevant regulations is one of the most important things to think about. Whether you’re planning for a single cloud workload or a hybrid multi-cloud setup, maintaining compliance for sensitive data in the cloud is imperative.

Organizations need the right internal personnel like a CISO to keep their systems and data secure. But what kind of skills do these leaders need? And how should they guide their employers in a way that doesn’t overlook the evolving threat landscape? To find out, I spoke decided to speak with Goher Mohammad. Goher is the Group Head of Information Security (CSO) for L&Q. He has held that position there for just under three years.

Last month we hosted a webinar dedicated to discussing the issue of codebase security. As trends like secrets and credential exfiltration continue to be of concern within systems like GitHub, threats, such as cryptojacking and supply side attacks, have become more of a problem. This makes understanding key aspects of codebase security very important. That’s why we pulled out 4 lessons from our recent session that developers and security engineers must know.