In this SaaSTrana podcast session, Puneet Miglani (Founder – Candor Technology) discusses how app development companies emphasize security in their AMC contracts with Venky.

As the world has evolved in significant ways over the past several decades, so have the threats that businesses face daily evolved. In particular, cybercrime has grown into a nefarious force that harms businesses and causes irreparable damage. From holding information ransom to stealing private financial information, there is no limit to the damage that cybercriminals can inflict upon your operations.

Listed at #5 in the OWASP Top 10 list, security misconfiguration refers to vulnerabilities that result from an application’s configuration. As with insecure design, security misconfiguration is a broad category within the OWASP Top 10. These types of misconfigurations can occur at any level of an application stack, so it’s critical for DevSecOps teams to work together to ensure the entire stack is properly set up.

‍ Data from the International Organization for Standardization (ISO) shows that ISO 27001 certification is one of the most rapidly-growing standards, with nearly 59,000 valid certificates in place as of December 2022. As a compliance framework that is based upon the core cybersecurity principles of people, processes and technology, ISO 27001 compliance provides your organization with significant benefits. So, you need to take action now.

Ask a cybersecurity professional what keeps them up at night and you’ll get answers about insufficient staffing, IT complexity or constant attacks on their business. Quantum computing isn’t likely to make the list. Yet as technological change accelerates, real quantum risks are coming into view. Now is the time to prepare corporate IT systems for the “death” of classic cryptography to safeguard data and privacy in the future.

We are thrilled to announce that Snyk has achieved Red Hat Vulnerability Scanner Certification, making it one of the few security platforms to receive this certification from Red Hat. This achievement demonstrates Snyk’s ongoing commitment to providing our customers with the highest level of security assurance for their applications.

Snyk recently hosted a half-day virtual event focused on security for application workloads running on AWS (you can catch it on demand here). The event was broken into six sessions spanning topics like developer challenges in cloud-native AppDev, top vulnerabilities from last year, hands-on workshops with industry-leading technology vendors, and several other subjects that help enable engineering and security teams to build a successful DevSecOps workflow.

According to reporting by several cybersecurity publications the 3CX Desktop Application has been exploited in a supply chain attack. The 3CX client is a popular VOIP and messaging application used by over 600,000 companies. From the article on Bleeping computer This supply chain attack, dubbed ‘SmoothOperator’ by SentinelOne, starts when the MSI installer is downloaded from 3CX’s website or an update is pushed to an already installed desktop application.

Keeper continues to release new features for consumers, businesses, enterprises and managed service providers. Our latest release includes significant enhancements such as a Business Support Portal for our business customers, multiple vault integration capabilities for Keeper Connection Manager (KCM), a Google Cloud integration with Keeper Secrets Manager (KSM), CAC/PIV integration for agencies and more.