Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

tripwire

Social Engineering: Definition & 6 Attack Types

Mar 1, 2023 By Joe Pettit In Tripwire

We all know about the attacker who leverages their technical expertise to infiltrate protected computer systems and compromise sensitive data. This type of malicious actor ends up in the news all the time. But they’re not the only ones making headlines. So too are “social engineers,” individuals who use phone calls and other media to exploit human psychology and trick people into handing over access to the organization’s sensitive information.

Read Post

How to Easily Generate An Accurate Software Bill of Materials (SBOM) with Black Duck | Synopsys

Mar 1, 2023 By Synopsys In Synopsys
Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain. Watch the video to streamline your SBOM generation process and take control of your software supply chain.
View Video

Hello CISO - Episode 9: Practicing Good Breach Response

Mar 1, 2023 By 1Password In 1Password
What makes a company successful at breach response? In a word, preparation. In this episode, Troy breaks down an historically bad example of breach response, and how to avoid a similar fate. Hello CISO is a collaboration between Troy Hunt and the people who build the world's most trusted enterprise password manager.
View Video

Negotiating with Ransomware Actors: Why it's a Business Deal

Mar 1, 2023 By Razorthorn In Razorthorn
When dealing with ransomware actors, people tend to forget that it is essentially a business negotiation. Although these actors may not be the nicest people, their goal is to make money and have you pay up. In this video, we discuss how going in with a confrontational attitude may not be the best approach. Some ransomware groups behave like gamer forum groups, using similar language and tactics, while others are more professional and skilled in negotiation. It's important to do your homework and understand that these actors may already know how much you're insured for.
View Video
cyberark

Secrets Management: Meeting Developers Where They Are

Mar 1, 2023 By Kristen Bickerstaff In CyberArk

There’s always a balancing act when it comes to building and deploying cloud-native applications in environments like Amazon Web Services (AWS). The whole point of moving production to the cloud is that developers can move faster than ever before, innovating and shipping new features on a daily basis. But that same speed can be an organization’s downfall if development outpaces security processes and accidentally exposes secrets or other credentials to potential attackers.

Read Post
Snyk

Three expert tips for cultivating secure software development practices

Mar 1, 2023 By Simon Maple In Snyk

We often hear about the importance of DevSecOps — integrating security into DevOps processes. But as many security professionals know, it’s not nearly as easy as it sounds. Cultivating secure software development practices requires working alongside developers with varying opinions, priorities, and idiosyncrasies. And any process involving humans is complicated. So, how do today’s security teams overcome these challenges and make secure software development practices a reality?

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.