GDPR enforcement (and therefore fines) has been on the rise recently. And after the initial “compliance on paper” that many consultants offered, it’s time to address the cybersecurity aspects underlying GDPR. We have previously addressed the logging requirements of GDPR and now we are going to review the “why” in addition to the “what”.

Why is SIEM Important for Regulatory Compliance? A security information and event management (SIEM) system can improve the security of your business’ computer network with real-time automation, monitoring, logging and event alerts. By leveraging SIEM Software, your security team is able to track events concerning your company’s information security, such as potential data breaches, helping you to react in a timely manner.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Most of us after almost a year of regular lock-downs are experiencing cabin fever. In some cases it erupts in quite interesting ways – such as this one. I very much doubt it is a hacker, most likely an employee trying to release ‘tension’.

When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product Management at ThreadFix, share the top 3 things they’ve learned from organizations that have successfully matured and scaled their AppSec programs.

Scalper bots are designed to automatically purchase online goods. Generally, they do this by adding a product to a cart and completing the checkout process far faster than any human could hope to do so. They exploit vulnerabilities in websites to purchase goods before they are even listed as available to the usual human users of a website. Those using scalper bots have a huge advantage over non-bot users when it comes to purchasing limited-quantity items.