Read the Synopsys Cybersecurity Research Center’s (CyRC) analysis of CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991.

Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor’s vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of how far, complex and even convoluted your supply chain is. Then measure this complexity with your risk appetite.

Working on PDF documents on mobile devices has been one of the most anticipated features this year. Now, with the integration of PSPDFkit, Egnyte has added this capability to its iOS app (the Android app has this feature in Beta, and it will be launched officially later this fall) Users who work on PDF files now have the tools for fast and easy editing. It reduces the time needed for file preparation as you can do it on the go within one app. It also reduces the costs of annotations.

With the growing popularity of cloud computing, security incidents related to it have been on the rise. Logs are indispensable resources for countering these threats, and they can be utilized for alerting, taking remedial action, and even preventing future attacks. In this post, we will examine ways to better secure cloud-native applications using logs.

Data privacy solutions are crucial for complying with privacy regulations and maintaining security. In the first nine months of 2019, there were 5,183 reported data breaches, with 7.9 billion records exposed, according to the Data Breach Quickview. Modern regulations, such as GDPR and CCPA, require companies to develop reasonable data protection measures to protect consumers’ personal information against exposure or loss.

As of June 2020, more than 3.2 million consumer records were exposed in the 10 biggest data breaches this year. Eight of the ten largest breaches occurred at healthcare or medical organizations, meaning patient information in addition to PII was likely acquired by hackers. Data loss prevention (DLP) is an ever-changing practice, with new security policies and information security standards evolving to keep up with the threat of online hackers.

The first software development team I worked on operated on the follow mantra: Make it work. Then, make it fast. Then, make it elegant (maybe). Meaning, don’t worry about performance optimizations until your code actually does what it’s supposed to do, and don’t worry about code maintainability until after you know it both works and performs well. Users generally have no idea how maintainable the code is, but they do know if the application is broken or slow.

Employee monitoring and productivity tracking features valuable insights into your teams’ performance levels throughout the day. If your office has been recently affected by the COVID-19 pandemic, you might also be transitioning into a more remote-friendly workplace environment. How do you make sure your employees are staying productive? Can you accurately measure an increase or decrease in your team’s overall productivity?

Industry research firm Gartner asked cybersecurity thought leaders to submit a video of themselves answering the question “What are your customers’ top security priorities?” for the Gartner Security & Risk Management Summit, a virtual event for the EMEA region held this month. Julian Waits, general manager of cybersecurity for Devo, was among those to whom Gartner posed the question. His video is below, and this blog post offers an expanded version of his response.

API gateways have become a standard component in modern application architectures. The gateway exposes application APIs to the Internet and serves as a logical place to enforce policy. This is a two-part series about enforcing API authorization policies in Apigee with Okta as the identity provider (IdP).