Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Veracode Dynamic Analysis Solution

Veracode, a SaaS-based application security (AppSec) provider, offers multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing. Veracode Dynamic Analysis helps organizations reduce the risk of a breach across their web applications. Our dynamic scans have a low false-positive rate, integrate with build systems like Jenkins, can be triggered through application programming interfaces (APIs), and combine findings with remediation tips.

Security for Work from Home Tools with Live Q&A Sponsored by Optiv

As more and more professionals connect to your organization’s networks via VPN and conduct their work with tools like Zoom, Teams and WebEx, it’s critical that your cybersecurity processes expand to include these changes. Make sure you and your teams are up to speed with best practices for work-from-home tools and common mistakes you’ll want to avoid. You can find a special question and answer sponsored by Optiv at the end of the video.

The MITRE ATT&CK Framework: Exfiltration

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating data from the enterprise.

Business Continuity Requires Infrastructure Continuity in Times of Remote Working

Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity during this trying time. Unfortunately, business continuity isn’t so easy. Keeping the day-to-day operations of the business running has been one of the hardest IT challenges that most organisations have faced in the last decade. It’s one for which many organisations might not have had a plan in place.

Calico Egress Gateway: Universal Firewall Integration for Kubernetes

New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a limited resource that can be quickly depleted if applied to every service.

3 Ways To Easily Integrate Egnyte Content into Microsoft Teams

Now that we’ve also extended our integration to allow organizations to further use Egnyte as a default cloud storage option, users get the benefit of the Egnyte content platform with Microsoft’s productivity and collaboration tool. Egnyte capabilities through Collaboration Tab and Messaging Extension is another critical way we enhance how organizations use Microsoft Teams.

Why Social Engineering Are Major Threats in 2020?

Not all cybersecurity threats and attacks occur on hardware and software components. Instead, humans are also vulnerable to social engineering attacks, a kind of cyber-attack. Social engineering psychologically manipulates people to trick them into performing actions or revealing sensitive information.

6 mistakes to avoid when choosing a managed services provider

Applications support some of the most strategic business processes and access an organization’s most sensitive data. However, application security continues to receive less budget and attention than network security. Thanks to the high-profile data breaches of the past few years, we can’t blame lack of awareness for the lack of investment. Security experts and business leaders alike are now painfully aware that hackers are targeting applications as an entry point.

Sponsored Post

Stories from the SOC - System compromise with lateral movement

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system.

IDS vs. IPS: What is the Difference?

The main difference between intrusion detection systems (IDS) and intrusion prevention systems (IPS) is that IDS are monitoring systems and IPS are control systems. IDS won't alter network traffic while IPS prevents packets from delivering based on the contents of the packet, similar to how a firewall prevents traffic by IP address.