Hi, Let's take a look behind the scenes and find out how Security Orchestration Automation and Response (SOAR) solutions can have a positive impact on your security investigation and response efficiency. In this article, I'll also highlight how Phantom-mobile makes your life as the “officer on duty” a lot easier.

What are web security trends for 2020? This year we anticipate the build-up of a new security market category, growing targets in automation, a new perimeter and continuation of DevSecOps. Here is what we are watching for in 2020.

To operate efficiently, businesses today use numerous devices such as laptops, desktop computers, and mobile devices. Securing all these devices—collectively called endpoints—significantly improves the overall security of your enterprise’s IT network. This blog can help you get started with endpoint security. To begin with, let’s define endpoint security.

In 2010, cloud computing just started to lead the IT revolution. It’s 2020 and the cloud is already mainstream. If you’re not running your business in virtual yet, you’re missing out on huge profit opportunities and capabilities that the cloud has to offer. Adopting a cloud strategy brings better security, increased stability and overall greater flexibility for your organization.

Penetration testing, pen testing or ethical hacking, is the practice of testing a computer system, network or web application's cybersecurity by looking for exploitable security vulnerabilities. Penetration testing can be automated with penetration testing tools or manually by penetration testers.

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since. A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware attacks against the NHS.

Circuit breakers were originally designed to protect electrical circuits from damage. Software development has adopted the concept as a type of resiliency pattern and it can now be found commonly in the cloud-native and microservices stacks. They can also be valuable in any codebase that needs to offer more flexibility, especially when relying on third-party APIs. Welcome to Part 1 of this two part series on building a circuit breaker in Node.js.

Back in the early 2010s, a Forrester researcher, John Kindervag, noticed that corporations had a binary view of trust and privilege. Once new employees have completed training, they are given full access to all the tools and VPNs needed to get their job done. Once they are logged on, they are trusted completely. Kindervag noticed that “trust” is a vulnerability that can be exploited. Since then, awareness of Zero Trust implementations has grown, in particular Google’s BeyondCorp.

Engaging third-party vendors for the provision of goods and services is not a new concept, so why has vendor risk management become so important? Vendor risk management is important because managing vendor risk is foundational to cybersecurity, ensuring business continuity and maintaining regulatory compliance. A robust vendor risk management (VRM) program can help organizations under their vendor risk profile and mitigate third-party and fourth-party risk rather than relying on incident response.

There are dozens of implementations of authorization mechanisms. When there are complex requirements dictated by business processes, authorization mechanisms may often be implemented incorrectly or, at least, not optimally. The reason for that, in my opinion, is the low attention of both the customer and developers to this aspect in the initial stages of the project and, at the same time, insufficient assessment of the impact of necessary requirements.