Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Privacy in 2020 and What to Expect for the Year Ahead

2020 was dominated by news of the pandemic and anchored by reality that we all found ourselves in – entire families logging in remotely, trying to keep school and work feeling “normal.” While we tested the limits of what a home office could sustain, the privacy and security of a fully remote world was put front and center. In this piece, we take a look at a few privacy highlights that will likely impact your business and look ahead to see what’s in store for 2021.

ROI: Expert Tips for Justifying Security Investments

Over the last few months, I’ve had a number of conversations about the need to justify security spending. This year has been tough for a lot of organizations, so IT budgets are generally not growing. Plus, the money already allocated often had to be re-prioritized to meet changing business needs. At the same time, executives and board members become painfully aware of today’s cyber risks and the cost of not paying attention.

DevSecOps: The good, the bad, and the ugly

DevSecOps offers benefits—but it also has its challenges. Learn why companies are making the shift and why it’s not always easy. DevSecOps is the practice of integrating security into every stage of the DevOps pipeline. It unites development activities, operations support, and security checks, and coordinates the teams involved in the software development life cycle (SDLC). The synergy between the teams is helped by automation.

Top 5 Insider Threat Detection and Prevention Software of 2021

Dealing with insider threats requires a different strategy from other security challenges because of their very nature. Insiders have a significant advantage. They are aware of the organization’s policies, procedures, technology and vulnerabilities. They often have access to important systems, business IP and sensitive data. As such, they can cause a business the most damage compared to external attackers such as hackers.

5 Common Elasticsearch Mistakes That Lead to Data Breaches

Avon and Family Tree aren’t companies you would normally associate with cybersecurity, but this year, all three were on the wrong side of it when they suffered massive data breaches. At Avon 19 million records were leaked, and Family Tree had 25GB of data compromised. What do they have in common? All of them were using Elasticsearch databases. These are just the latest in a string of high profile breaches that have made Elasticsearch notorious in cybersecurity.

Protect your organization against Adrozek

Adrozek is a malicious browser modifier that, when installed on users’ machines, infects them with adware. This particular strain of malware has been making rounds since May 2020; according to Microsoft, it was at its peak in August, when as many as 30,000 computers were affected per day. Although classified as adware, Adrozek is also designed to collect information extracted from browsers by modifying browser settings and extensions.

Appknox Year in Review 2020

The year 2020 began with so many promises for team Appknox. We had just ended 2020 on a high note with substantial growth in revenue, customer acquisition and regional expansion. As we looked forward charged up to blaze past 2020, the world was shocked and humbled with the sudden COVID-19 pandemic. Just like all other companies globally, Appknox was faced with tremendous pressure to act, think and evolve quickly.

Data Security: What Happened in 2020, Continues in 2021

The year 2020 has been a time of unprecedented change. This year’s events continue to alter the course of cybersecurity, making it even more important to ensure that we better prepare ourselves for what’s to come. In this blog post, we review the key data security trends of 2020 and share several predictions about how they will affect enterprises and cybersecurity leaders in 2021. The global pandemic reinforced the exceptional value of cloud computing to the world economy.

Best practices for monitoring authentication logs

If you are running a user-facing web application, you likely implement some form of authentication flow to allow users to log in securely. You may even use multiple systems and methods for different purposes or separate groups of users. For example, employees might use OAuth-based authentication managed by a company-provided Google account to log in to internal services while customers can use a username and password system or their own Google credentials.