Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Is GDPR a priority for businesses in 2022?

Data privacy is a priority objective for businesses today, particularly after the European Union's General Data Protection Regulation (GDPR) became enforceable in 2018, as this law protects European citizens’ personal data and requires organizations to change some of their work processes.

Corelight Investigator accelerates threat hunting

This morning we announced Corelight Investigator, an open NDR platform that enables security teams with the next-level evidence they need to disrupt attacks and accelerate threat hunting through an easy-to-use, quick-to-deploy SaaS solution. How does it work? Investigator combines battle-tested network evidence with intelligent alert scoring to deliver prioritized alerts tied to correlated evidence, enabling analysts to cut through the queue and accelerate incident response.

WhiteSource is Now Mend: You Code, We Cure

In 2011, my co-founders Azi Cohen, Ron Rymon, and I founded WhiteSource with a mission to automate all tasks surrounding the use and security of open source software. We were pioneering the software composition analysis (SCA) market before it had a name. Over the years, we’ve evolved to offer more value to our customers beyond our founding purpose.

KillNet Utilizes CC-Attack: A Quick & Dirty DDoS Method

During the course of 2022, SecurityScorecard has been tracking multiple DDoS campaigns that have been targeting entities within the Ukrainian government, as well as other European government targets that are perceived to be allied with Ukraine government interests. One of the groups at the forefront of these DDoS attacks is the hacking collective known as KillNet.

5 Ways to Effectively Prevent Data Leakage

Nowadays, it’s common to hear about yet another high-profile security breach in which critical data is leaked, resulting in damage to the organization’s reputation and bottom line. Unfortunately, it's impossible to remove all risks in your organization but there are ways to best protect against them and improve your security posture.

What capabilities are critical to the success of your AppSec program?

The 2022 Gartner® Critical Capabilities for Application Security Testing report provides useful guidance for teams wanting to build an AppSec program optimized for their business needs. There are two cars in my driveway right now. One was built in 1978, and what’s great about it is how easy it is to work on. It’s a simple vehicle, and most repairs can be performed with only a half-dozen tools: two screwdrivers, three wrenches, and a hammer (you always need a hammer).

Mend Explainer

Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

Corelight Investigator

The only evidence-first threat investigation platform Investigator is a SaaS-based network detection and response (NDR) solution that combines comprehensive network evidence with machine learning and other analytics integrated into a fast, intuitive search platform to accelerate threat hunting and incident response and consolidates legacy toolsets.

Pyrsia: Decentralized Package Network that Secures the Open Source Supply Chain

Supply chain security has received a lot of attention in recent years. And rightly so. Software vulnerability exploitation attacks have been a key tool in the hands of the hackers to hamper businesses, compromise sensitive data, and a cause of general sense of fear around open source software.

Pyrsia: Open Source Software that Helps Protect the Open Source Supply Chain

Stephen Chin is no stranger to having big ideas and implementing them to help the developer community. In the last twenty years he’s been involved in building open source IDEs, bootstrapping rich client libraries, maintaining JVM languages, and cultivating relationships with developers that do the same.