Did you know that the default “copy link” option in O365 personal accounts generates a public shared link with edit permissions? In this edition, we will cover how link sharing in O365 can lead to the accidental internal and public exposure of sensitive data.
Developer security training is more critical than ever, but data shows us that the industry isn’t taking it quite as seriously as it should. A recent ESG survey report, Modern Application Development Security, highlights the glaring gaps in effective developer security training.
Veracode recently sponsored Enterprise Strategy Group’s (ESG) survey of 378 developers and security professionals, which explored the dynamic between the roles, their trigger points, the extent to which security teams understand modern development, and the buying intentions of application security (AppSec) teams.
“Send it to the cloud” has been the increasingly common response over the years for dealing with the issue of how to handle massive amounts of data. On one side, I understand it. Another infrastructure owned by a third party who has teams dedicated to implementing security by design, continuous testing and validation – this all sounds attractive.
Manipulating data is a core skill for any developer. In an API-driven environment, so much of the data you receive is formatted in a way that doesn't directly match the way that your application or UI needs it. Each web service and third-party API is different. This is where the ability to sort, normalize, filter, and manipulate the shape of data comes in. In this article, we'll explore some common ways to work with data in Javascript.
Some organisations fully outsource their cyber security requirements to MSSPs, while others only outsource specific aspects. MSSPs differ from MSPs (Managed Service Providers) in that they specialise in cyber security. By contrast, MSPs are more focused on the remote management of IT infrastructure. Many MSPs do offer security services but, owing to the highly specialised nature of cyber security, some chose to partner with MSSPs.
In 2020, security trends have mutated in a matter of months. Since February, the FBI has reported a 300% jump in reported cybercrimes related to the COVID-19 pandemic. The Federal Trade Commission (FTC) alone has registered over 18,257 COVID-19 security complaints that consequentially equates to nearly $13.44 million in losses.
