Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Moody's Shares How to Learn from Organizations Running Successful AppSec Programs

Veracode has helped thousands of customers integrate security into their development cycle, and we’ve now got lessons learned, best practices, and pitfalls to avoid. Join Adrian Benvenuti, Vice President of Cybersecurity Risk and Architecture at Moody’s and Chris Kirsch, Director, Product Marketing at Veracode as they discuss how real-life AppSec programs are helping security and development teams work together to secure code.

Live From Black Hat: Stress-Testing Democracy - Election Integrity During a Global Pandemic with Matt Blaze

Technology and elections are heavily interrelated – but it wasn’t always that way. We started to adopt technology once we weren’t able to fit everyone into a town hall. The first piece of technology was simply a piece of paper and a ballot box. We may not think of it as technology, but the ballot box can be tampered with. That technology gave us ballot secrecy, a trait that a hand-raise in the town hall didn’t.

Tripwire Research: IoT Smart Lock Vulnerability Spotlights Bigger Issues

The mechanical lock is perhaps the most fundamental, tangible, and familiar layer of security in our daily lives. People lock their doors with the expectation that these locks will keep the bad people out, but there’s a common adage in the security industry that locks are only good at keeping honest people honest. This is perhaps truer than ever in the era of the IoT “smart lock” where lock picks and bump keys can often be replaced by scripts and sniffers.

National Cybersecurity Authority (NCA): What You Need to Know

In its Vision 2030 development plan, Saudi Arabia included a National Transformation Program whose purpose is to diversify the Kingdom’s income away from the oil industry. One of the core tenets of that program is to enable the growth of the private sector by developing the digital economy. Specifically, Saudi Arabia set out its intention to increase the contribution of the digital economy that’s non-oil GDP from 2% to 3% by 2030.

Is Microsoft 365 HIPAA Compliant?

Office 365 HIPAA compliance is a pressing concern for an increasing number of healthcare companies. Microsoft’s robust cloud solution lets providers keep records and communicate with ease — but is it too easy? Can sensitive information really be protected if it’s stored in the cloud? Cloud computing has been making inroads into the healthcare industry for several years.

The Problem of Content Sprawl

In the early days of SharePoint, installing a free version was fairly straight-forward and simple, and once in place, it would quickly catch on and spread across a single team, then expand between teams, and soon could be seen throughout the entire organization. In those early waves of growth, few paid much attention to the growing sprawl of sites and content.

How Does XOR Cipher Work?

XOR cipher is very easy to implement and offers a strong protection against brute force attacks. Keep reading to learn more! In today’s world, we use internet and communication technologies on a daily basis for pleasure and business. We send e-mails and files, chat with friends and co-workers, share content on social media, do shopping and so forth. As a result, we send and receive a significant amount of sensitive data every day.

How Does a VPN Work and How to Choose one

VPN stands for virtual private network. It allows you to hide your public IP address and browse privately on the internet without being tracked or watched. Basically, a VPN offers you a thick layer of privacy when using your home Wi-Fi or public. These networks were originally designed for big businesses and governments that wanted to keep their activities secret and secure.

Stories from the SOC: Compromised account detected

The Managed Threat Detection and Response (MTDR) analyst team was notified of multiple logins from different countries. With the shift to a more remote workforce, multiple logins from different locations is not uncommon, but the team discovered the potentially compromised account belonged to a third-party and immediately took action. Every year businesses lose millions due to data breaches caused by third parties.