Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Healthcare cybersecurity for 2020 and beyond

These days, effective cybersecurity in healthcare is as critical as ever. Last year, more than 32 million patients had their personal and medical information stolen in data breaches across the United States. While moves are being made, the fact remains that healthcare providers still have many holes to plug when it comes to the illegal or accidental outpouring of patient data.

Guest blog: streaak - my recon techniques from 2019

Detectify Crowdsource hacker Akhil George, aka streaak, is a full-time student who chases bug bounties during his free time. His hacking interests started with CTF competitions and eventually shifted to bug bounties, gaining him recognition abroad including this report from NBC. Our Crowdsource guest blogs give readers an inside look into the mind of an ethical hacker, this month’s contribution goes on to discuss the recon techniques streaak used in 2019.

Teleport 4.2 - Enhanced Session Recording, Workflows, and GCP

Teleport 4.2 delivers a strong foundation of new features. We have a full list of improvements and fixes attached to our Teleport 4.2.0 GitHub release. Below are a couple of the highlights. Teleport now provides greater visibility into what’s happening during a Teleport session with our Enhanced Session Recording. We’ve also laid the groundwork for a world of possibilities with our enterprise-only Role Escalation via a Workflows API.

What is the California Consumer Privacy Act (CCPA)?

The California Consumer Privacy Act (CCPA) or AB 375 is a new law that became effective on January 1 2020, designed to enhance consumer privacy rights and protection for residents in the state of California by imposing rules on how businesses handle their personal information. The CCPA is the most extensive consumer privacy legislation to pass in the United States and is akin to the European Union's General Data Protection Regulation (GDPR) and other data privacy laws and privacy regulations.

From Good to Great - Building on ICS Security Basics

Most industrial organizations are behind the curve when it comes to cybersecurity, facing mounting complexities like the IIoT, the skills gap and the IT/OT divide. But what about industrial organizations that are already taking steps in the right direction and need to know what awaits them on the horizon? What practical next steps can your organization take to optimize your current ICS cybersecurity program?

Malware in the Cloud: Protecting Yourself Based on Your Cloud Environment

In some ways, the cloud has made security management easier, as many cloud providers have taken the responsibilities traditionally associated with local server management out of your hands. But in other ways, the security management conversation has become more confusing for decision makers, as “cloud” is a very broadly defined term and could speak to a variety of different technology ecosystems with their own security considerations.

Mac system extensions for threat detection: Part 1

When it comes to having visibility and detecting threats on macOS, one of the best sources of information for file system events, process events, and network events is the kernel. MacOS kernel extensions provide the ability to receive data about these events in real time with great detail. This is good for providing quick visibility into detecting anomalies and identifying possible threats.

Don't give away your secret answers

I was watching an interview with an American Congressional member the other night, and I could not help but notice the person’s lack of cybersecurity awareness. As a disclaimer, please note that this is not a piece promoting or denouncing any political party, or view. I do not discuss politics unless it relates to a cybersecurity matter. In two previous posts, I have been misunderstood and thought to be promoting a position, but that isn't my intended purpose - cybersecurity awareness is.