Cybercriminals have been well ahead of the curve when it comes to cybersecurity in the online retail industry. Specifically, criminals have been exploiting changes in purchasing behavior that favor online transactions and adapting their methods to take advantage of the authentication challenges arising when a card is not present (CNP) at the time of the transaction.

One of the most crucial things for the healthcare sector during the ongoing global pandemic, amidst many other competing priorities, is keeping a check on its cybersecurity measures. During the first half of 2020, HHS or the Department of Health and Human Services recorded a 50% increase in cybersecurity breaches in the field of healthcare itself.

Cloud native application security—or CNAS for short— is our passion here at Snyk. CNAS focuses on the security of your code, open source dependencies, container and infrastructure as code. Snyk is expanding on our annual State of Open Source Security report, by adding a new report in which we take a holistic view of the overall application developers work with on a day to day basis.

The defense evasion category inside MITRE ATT&CK covers several techniques an attacker can use to avoid getting caught. Familiarizing yourself with these techniques will help secure your infrastructure. MITRE ATT&CK is a comprehensive knowledge base that analyzes all of the tactics, techniques, and procedures (TTPs) that advanced threat actors could possibly use in their attacks. Rather than a compliance standard, it is a framework that serves as a foundation for threat models and methodologies.

To keep up with increasing time and productivity demands in software development, it’s important that organizations are staying on top of their digital shifts through rapid technology adoption and the prevention of common snags in application security (AppSec).

Many organizations are migrating their workloads to the cloud. But there are challenges along the way. Specifically, security leaders are concerned about their ability to protect their cloud-based data using secure configurations.

It is the Tuesday morning after a long weekend. You come into work early to get caught up on emails only to find you are completely locked out. You have been hit by a ransomware attack. You ask yourself, “What happened? And how do I fix it?” This post will explore three of the most significant ransomware families of 2020: Tycoon, Ryuk and REvil.

As a product manager, I am always concern about the value my customers will get from the product, and this is my main focus. In order to achieve this, I often meet with customers and talk about pain points, problems,offer a solution, see how the product can help. In the past few years, one of the items that get raised in these discussions is not related to any pain pointor feature requirement, it is the attachment method when dealing with K8s security.

Splunk Phantom 4.10 introduced many new enhancements, including the ability to develop playbooks in Python 3. In fact, Python 3 is now the default for Splunk Phantom playbooks. In doing so, we needed to create two different “playbook runners” to ensure we could continue to support playbooks written in Python 2.7 while also supporting Python 3.