Security

The Security Playbook for Remote-first Organizations

The sudden shift to remote work in 2020 exposed companies to a variety of new security challenges that haven’t gone away. Review the seven most crucial areas of security for emerging remote-first organizations. Continue reading below or feel free to download a copy of this playbook. We’ll also include our free Post-COVID Security Checklist as a reference you can keep in your back pocket.

How OpenBullet is used and abused by cybercriminals

OpenBullet is a testing suite that lets users perform requests against a target web application. The open source tool can be found on GitHub and is used by businesses for various legitimate purposes, including scraping and parsing data and automated penetration testing. Although designed to aid security professionals, in the wrong hands OpenBullet can be abused for the opposite purpose.

The 2022 Cyber Essentials update: what's involved?

Cyber Essentials is a government-backed and industry-recognised initiative which aims to raise cyber security awareness and help businesses mitigate common internet-based threats. The Cyber Essentials update is the biggest overhaul of the scheme’s technical controls since it was first launched in 2014.

CMMC Town Hall With Matt Travis - CEO, CMMC-AB | 1/12/22 | NeoSystems

NeoSystems CMMC Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly CMMC Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, how to prepare for CMMC certification, and the latest updates from the CMMC AB.

Data Privacy Day, Part 1: What you need to know about data privacy

Data Privacy Day (known in Europe as Data Protection Day) is an international event aimed at raising awareness about data privacy and protection practices among businesses as well as internet users. In this blog series, we’ll attempt to do the same. This first blog post will shed light on data privacy as a whole, important data privacy laws, and some data collection practices that can help you adhere to these laws.

Crossword Cybersecurity Supports British Educational Suppliers Association Members with Cyber Essentials Certification and Access to Rizikon Assurance

Crossword Cybersecurity Plc is today announcing that its online software assurance platform, Rizikon, is being made freely available to the British Educational Suppliers Association ("BESA") as a single-use cyber security assessment to support them towards Cyber Essentials certification.

Elevate AWS threat detection with Stratus Red Team

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

Early Bird Catches the Wormhole: Observations from the StellarParticle Campaign

Supply chain compromises are an increasing threat that impacts a range of sectors, with threat actors leveraging access to support several motivations including financial gain (such as with the Kaseya ransomware attack) and espionage. Throughout 2020, an operation attributed to the Foreign Intelligence Service of the Russian Federation (SVR) by the U.S.

DevSecOps plan process

In the DevOps and DevSecOps introduction, “What is DevOps”, we reviewed how our security teams overlay onto DevOps for visibility and increased security throughout the software lifecycle. This article explores DevSecOps during the planning phase of the project and why it’s important for developers to be trained on how to help protect the software they are writing from Free Open-Source Software (FOSS) risks and supply chain attacks.