The whole point of an SBOM is lost if you keep it a secret. Here we reveal our secrets of the ideal SBOM exchange. Let us know if we’ve missed anything in RKVST SBOM Hub. SBOMs are made for sharing and are the gifts that keep on giving, but only if they get to the right place at the right time to drive the right critical decision. The first critical decision, or moment of truth, is whether to buy a vendor’s product.

Regardless of the industry or organization, corporate email is the main cause of unauthorized and accidental data leaks. Employees are constantly sending emails to external parties that may contain sensitive company data, personally identifiable information (PII), trade secrets and other intellectual property.

The number of U.S. data breaches reported in 2021 increased dramatically over the preceding year. As reported by the Identity Theft Resource Center (ITRC), there were 1,291 data breaches between January 1, 2021 and September 30, 2021. The volume beat out the 1,108 breaches detected over the course of Full Year (FY) 2020. It’s therefore not surprising that data compromises year-to-date (YTD) was up 27% last year compared to FY 2020.

Sysdig today announced that it has achieved Amazon Web Services (AWS) Security Competency status. This crucial designation recognizes the value provided by the Sysdig Secure DevOps Platform to AWS customers to achieve their container and cloud security goals. As a key partner for the ecosystem, Sysdig collaborates closely with AWS and its customers to enhance the protection of cloud infrastructure and applications against continuously evolving security threats.

One of the primary ways that adversaries gain access to environments is through valid credentials. Because of this, maintenance and auditing of user accounts is an integral part of maintaining a good security posture. When an employee leaves a company or organization, it is important that all associated accounts be removed and permissions revoked. If these accounts are not removed, they are a potential avenue for attackers to enter a network.

The second a system is connected to a network, it becomes vulnerable to a cyber attack. We’ve seen news of companies experiencing cyber attacks across different industries more often than we can count. But now that the automotive industry has joined the digital bandwagon, cybersecurity threats and attacks are also becoming an issue.

It's easy for cybersecurity teams to think they're doing everything to stay ahead of data breaches and cyberattacks in this post-pandemic era. For instance, you've probably rallied qualified experts to augment your IT ecosystem and supplied them with state-of-the-art threat detection and mitigation technologies that offer real-time insight into your infrastructure security.

Spam filters are essential. Without them we couldn’t cut through the noise of phishing scams and malware links to read our messages. Hatred of spam is well entrenched in society, just as bots (especially scalpers) have become the bane of so many lives in recent years. There are several parallels between the email spam in our inboxes and malicious bots that crawl the web. Both are designed to cause harm to businesses and individuals. Both exploit systems designed to be useful.

In 2008, Data Privacy Day started as an extension of Europe’s Data Protection Day, which commemorates the signing of Convention 108. This year, the National Cybersecurity Alliance (NCA) established Data Privacy Week to empower individuals and businesses to respect privacy, safeguard data and enable trust. Plus, data privacy is so important that it needs more than just a single day of discussion!

In 2021, malicious Office documents accounted for 37% of all malware downloads detected by Netskope, showing favoritism for this infection vector among attackers. This is likely due to the ubiquitous usage of Microsoft Office in enterprises across the globe. Throughout 2021 we have analyzed many techniques used by attackers to deliver payloads through infected documents, which included the return of Emotet, a campaign that primarily uses infected documents to spread malware.