Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What Are Cloud Leaks?

It seems like every day there’s a new incident of customer data exposure. Credit card and bank account numbers; medical records; personally identifiable information (PII) such as address, phone number, or SSN— just about every aspect of social interaction has an informational counterpart, and the social access this information provides to third parties gives many people the feeling that their privacy has been severely violated when it’s exposed.

FireEye vs Fortinet for Continuous Security

How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.

Secure Networking for Openshift

The Kubernetes network model defines a flat network in which pod connectivity is unimpeded, with no restrictions on what traffic is allowed to or from each pod. To make a cluster production ready you need to make this networking secure. Network Policy is the primary tool for doing this and is essential to understand before considering moving a cluster to production.

96% of Organizations Use Open Source Libraries but Less Than 50% Manage Their Library Security Flaws

Most modern codebases are dependent on open source libraries. In fact, a recent research report sponsored by Veracode and conducted by Enterprise Strategy Group (ESG) found that more than 96 percent of organizations use open source libraries in their codebase. But – shockingly – less than half of these organizations have invested in specific security controls to scan for open source vulnerabilities.

Hot off the Press: Veracode Named a 2020 Gartner Peer Insights Customers' Choice for AST

Veracode has been officially recognized by Gartner Peer Insights as a 2020 Customers’ Choice for Application Security Testing. The report includes Veracode’s aggregate score of 4.6 out of 5 stars out of 95 independent customer reviews (as of July 31, 2020), and of the reviewers, 92 percent said that they would recommend Veracode’s AST solutions. Veracode, the largest global provider of application security (AST) solutions.

What to do first when your company suffers a ransomware attack

For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals. There’s no magic wand that can make a ransomware attack simply disappear with no impact at all on an organisation, but you can lessen the problem by carefully following tried-and-trusted steps in the immediate aftermath of an attack.

Nightfall's Data Loss Prevention Stops Cloud Data Exfiltration

Data exfiltration — the risk of your data ending up somewhere it doesn’t belong — remains one of the greatest data security concerns. This risk is only worsened by the fact that as companies migrate their data into the cloud, they struggle to maintain the visibility needed to ensure their data remains secure.

Working in the SOC with Power Tools: Splunk and Polarity

Have you ever had to saw through a board by hand? I had to finish a partial cut by hand the other day while building a new mantle for my fireplace. It’s slow and difficult, and it often results in a lesser quality cut than one done with a power tool. It’s good exercise, though! We should all have to do it at least once so we appreciate our power tools more.

Understanding how attackers move inside your organization

Cyberthreats have been coming at us from the left, right, and center. The number of cyberattacks is forever on the rise, and companies need to keep ramping up their security measures to protect themselves. It’s important that these measures cover every aspect of a network environment. To understand why monitoring your whole environment is so important, let’s take a look at what an attacker might do once they get inside your organization.

Monitor Auth0 with Datadog

Auth0 provides identity as a service (IDaaS), allowing you to secure your apps and APIs without having to write your own authorization code. Auth0 can work with social identity providers (IdP) like Google and Facebook so your users can access your app by using their existing accounts for authentication. You can also use an existing enterprise identity provider (e.g., LDAP) to allow your users to leverage single sign-on (SSO) across multiple apps.