For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

Compliance with the Health Insurance and Portability Act (HIPAA) initially appears to apply only to the healthcare industry. However, HIPAA also requires healthcare provider business associates to maintain security and privacy controls over protected health information (PHI) and electronic PHI (ePHI). For payer organizations, this requirement means aligning data security protections to HIPAA.

Implementing cybersecurity projects shouldn’t only depend on return on investment or viewed as a cost. There’s a better way you could be evaluating it. Businesses should be thinking about how adding cybersecurity can add more business value and enable company growth. The landscape is changing and security is starting to be seen as a competitive advantage more often, and for some industries, it’s a reason customers want to do business with a brand.

Every business today is growing in their own unique way. Their infrastructure is made up of a combination of cloud and on-premises repositories. Their application suite is custom built with a myriad of productivity applications like Slack, Office 365, Zoom, and more. And finally, their users are working on a wide range of devices, from Apple iPhones to Microsoft Surface Pros. The common theme amongst businesses is their need for flexibility.

Even with years of related industry experience an individual can become lost in all of the acronyms surrounding security vulnerabilities in modern software. Several of these acronyms exist, and many of them are very similar. Some of the most common are discussed below.

In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability.

Cybersecurity has three pillars of people, process, and technology. Enterprises have historically had a skewed focus towards the technology aspect of cyber security - installing another endpoint agent, or deploying another network monitoring device designed to seek out anomalys behaviour.

Over the past many years, cyber threats have become greater in frequency and more sophisticated than ever. Current security mechanisms are based on traditional reactive approaches such as antivirus programs and firewalls who react once the incident has occurred. Under such circumstances, intruders have a chance to compromise your network either partially or entirely.

Tigera is excited to announce several new capabilities with Tigera Secure Enterprise Edition 2.3, extending the ability to uncover sophisticated Kubernetes attacks. Tigera Anomaly Detection capabilities provide insight into unusual behaviors that compromise the security and performance of Kubernetes environments.