Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

GDPR Requirements for Cookie Policies

As a business owner, you know the European Union (EU) General Data Protection Regulation (GDPR) went into effect in May 2018. However, one of the most confusing aspects for a lot of businesses, large and small, has been the infamous “cookie policy.” No matter where your business resides, your website reaches customers protected by the GDPR which means you need to understand how to implement a GDPR compliant cookie policy.

Software Bill of Materials (SBoM) - Does It Work for DevSecOps?

There has been much discussion of a “software bill of materials” (SBoM) lately, for use when addressing security vulnerabilities. Many are curious, wanting to learn more. Googling the term gives lots of positive descriptions. This post will go negative, describing problems with the concept.

Adding CVE scanning to a CI/CD pipeline

A Docker image contains an application and all its dependencies. As it also contains the numerous binaries and libraries of an OS, it’s important to make sure no vulnerabilities exist in its root filesystem, or at least no critical or major ones. Scanning an image within a CI/CD pipeline can ensure this additional level of security.

What You Need to Know About Secure Mobile Messaging in Healthcare

With the majority of people using smartphones these days, texting is all but a given when trying to communicate with your friends or family. But what about your doctor? A recent study determined that 96 percent of physicians use text messaging for coordinating patient care. This can raise eyebrows and red flags.