Many businesses that have allowed employees to continue working from home for the foreseeable future are aware that they need to update their cybersecurity. It’s likely that they have allocated some budget and IT resources to make those necessary changes. However, IT budgets are finite. Given the economic disruption of the pandemic, enterprises must strategically decide where to invest their cybersecurity budget most effectively.
We’re excited to announce a new feature of the Nightfall platform: the Nightfall policy engine. With the policy engine, security teams can now more granularly customize when and how PII, PHI, secrets/credentials, and other business-critical data are detected within their cloud environments. Read on to learn more about the policy engine and how you can make the most of it.
Security Information and Event Management (SIEM) helps organizations in collecting, correlating, and analyzing log data from a wide range of systems connected to their IT infrastructure. Based on the results, a SIEM solution assists an organization in detecting threats and suspicious activity on their IT infrastructure. If you are already using a SIEM platform such as Logsign, you would know the importance of SIEM reports.
Cloud security is the implementation of security controls to protect confidential information stored in cloud environments and reduce the risk of data breaches. Effective cloud security involves regularly assessing and hardening defences, ensuring broad threat visibility and rapidly responding to threats.
A critical CVSS:10 vulnerability (CVE-2020-1472) in the Microsoft Netlogon process was patched in the August patch cycle, but details were not made public until earlier this week (14th September).
The recent disclosure of CVE-2020-1472 vulnerability by Microsoft showcases the need for tools that allow defenders to quickly replicate published exploit code, register attack data, and create signatures or other mitigations against released exploits with a high likelihood of exploitation against popular infrastructure or operating systems.
Distributed denial of service (DDoS) attacks are a favorite method for attackers to disrupt or debilitate firewalls, online services, and websites by overwhelming systems with malicious traffic or transaction requests. DDoS attackers accomplish this by coordinating an army of compromised machines, or 'bots', into a network of devices they control from a remote location that focus a stream of activity toward a single target.
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users.
Your open source usage is out of control. Sure, it’s helping you develop your product faster and getting new releases out the door in days instead of months, but now your code base is made up of 60% or more open source components. And that percentage is only growing. The application layer continues to be the most attacked, so you know you need to stay on top of vulnerabilities.