Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

The Developer's Checklist to Security Hardening [XLS Download]

The coming of the internet was a beautiful thing, bringing about accessibility to reach everyone across the globe. But this reach is a double-edged sword. If everyone is just a click away, so are bad actors who can reach back to attack the organization at its weakest spot, trying to access information that it strives very hard to protect.

10 Ways to spot a phishing attempt

Phishing attacks are becoming more and more common, and they're only getting more sophisticated. While there are a variety of ways to defend yourself against phishing attacks, one of the best methods is simply to be able to spot them. With that in mind, here are 10 common signs that an email or other communication may be a phishing attempt.

Is Slack Secure from Threat Actors & Hackers in 2023?

When Uber was breached in September, the hacker remained undetected until they announced their presence within the org via Slack. This incident provides yet another example of Slack being leveraged by an attacker. In this post, we’re going to review some of the ways attackers have used Slack in breaches, why this is happening, and what you can do about it.

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.

Evolution of the SOC - From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program How important is the Security Operations Center (SOC) to a business and a security leader's overall success? The answer is a bit cloudier than one would believe, given the length of time the SOC has been part of our security program lexicon.

What Does The Twitter Chaos Tell Us About The Security Of Our Data?

What a few weeks it has been for Twitter, from the sacking of half its workforce, and the rushed release of a new feature that allows impersonation of people and brands, through to the unintentional lock out of some users with a certain multi-factor authentication (MFA) configuration enabled. Added to this, we have also seen major resignations of key individuals across the Information Security, Privacy and Compliance groups.

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

The ongoing growth in the adoption of cloud services poses escalating opportunities and risks in equal measure. The increased capacity and scalability of cloud environment lends itself to an accelerated pace and higher volume of software and application development than ever before. This trend brings into play a huge increase in the number of software components and dependencies that developers use in their code bases.