Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

What is Sensitive Data?

Sensitive data is information that must be protected against unauthorized access. Access to sensitive data should be limited through sufficient data security and information security practices designed to prevent unauthorized disclosure and data breaches. Your organization may have to protect sensitive data for ethical or legal requirements, personal privacy, regulatory reasons, trade secrets and other critical business information.

What is Personally Identifiable Information (PII)?

Personally identifiable information (PII) is data that could identify a specific individual. Information that can be used to distinguish an individual's identity from another or be used to deanonymize anonymous data is also considered PII. While PII has several formal definitions, think of it as any information that can be used on its own or with other information to identify, contact or locate a particular person.

Security Strategies for Mitigating IoT Botnet Threats

As DevSecOps continues to redefine the IT security landscape, security is becoming everyone’s responsibility. That means that staying ahead of the latest cybersecurity threats—such as IoT botnets—should be a priority for every DevOps professional. To help you do that, this article discusses strategies for combating IoT botnets.

Insider Threats: Root Causes and Mitigation Practices

The recent IBM 2019 Cost of Data Breach survey found that the cost of a data breach had risen 12% over the past 5 years to $3.92 million on average. While 51% of the data breach attacks were attributed to malicious or criminal actors, a stunning 24% of the breaches were caused by negligent employees or contractors. The report also notesed that the 51% of the criminal actors included, “malware infections, criminal insiders, phishing/social engineering and SQL injection.”

A Cybersecurity Checklist for Monitoring SaaS Applications

Today’s digital perimeters grant authorized users anytime/anywhere access to sensitive business data. Because of this, SaaS-heavy IT environments introduce a higher complexity to threat detection and response efforts. User activity on SaaS accounts can be quite varied, occurring on multiple endpoints and from a variety of locations. Businesses must distinguish between legitimate and potentially illicit user activity on busy networks.

Falco in the open

One of the most successful aspects of Kubernetes is how functional the open source community was able to operate. Kubernetes broke itself down in smaller sections called special interest groups, that operate similarly to subsections of the kernel. Each group is responsible for a single domain, and sets their own pace. One of the most important things to a Kubernetes SIG, is the residual SIG calls.