Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Evolving the Netskope Risk Exchange Ecosystem: Making User-based Changes

Early last month, Netskope announced a few key security innovations across the Netskope One platform and some of my colleagues kicked off the conversation about Netskope Risk Exchange in a previous blog, Evolving the Netskope Risk Exchange Ecosystem. This blog series will continue to explore a number of different workflows that those comfortable using basic scripting, or enablement tools like Postman, can employ to programmatically update and inform your inline policy actions.

CVE-2024-9164: Critical Arbitrary Branch Pipeline Vulnerability in GitLab EE

On October 9, 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab EE, identified as CVE-2024-9164. This flaw allows a remote attacker to run pipelines on arbitrary branches within a repository, which could potentially lead to code execution. A GitLab pipeline consists of a series of automated processes that execute in stages to build, test, and deploy code.

Essential Guide to PII Data Discovery: Tools, Importance, and Best Practices

Personally Identifiable Information (PII) is data that can uniquely identify an individual, such as an employee, a patient, or a customer. “Sensitive PII” refers to information that, if compromised, could pose a greater risk to the individual’s privacy and misuse of information for someone else’s gains.

ZTNA Face-Off: Traditional vs. Universal - Unveiling the Key Differences

In the ever-evolving cybersecurity landscape, the debate between Universal ZTNA and Traditional ZTNA is heating up. While Traditional ZTNA has been a cornerstone for secure access, Universal ZTNA is redefining the game with its comprehensive, adaptive approach. Imagine a security solution that fortifies your network and seamlessly integrates with any environment, providing unparalleled protection and flexibility. Ready to explore the future of secure access?

Cybersecurity Awareness Month: AI Safety for Friends and Family

Happy October! The leaves are changing and everyone is starting to get ready for the upcoming holidays, but let’s not forget one of the most important holidays of the year—Cybersecurity Awareness Month! Though our audience is almost entirely cybersecurity experts, we wanted to put something together to help the less technical people in our lives learn more about AI and cybersecurity, because Cybersecurity Month is for everyone.

The vulnerability puzzle: understanding base images and their relationship to CVEs

Have you ever heard of CVEs? Maybe not by their acronym, but Common Vulnerabilities and Exposures, monitored by the CVE Program Mission, are everywhere. As of the writing of this article, there are over 220,000 CVE Records available—meaning many potential threats you could be exposed to. How can you ever protect your infrastructure against this reality? Well, the good news is, you usually don’t have to.

Interconnect Security Risks to Protect Your Kubernetes Environment

As Kubernetes and containerized environments become the backbone of modern application development, securing these environments grows increasingly complex. The distributed nature of microservices, the dynamic scaling of workloads and the ephemeral nature of containers introduce unique security challenges. Traditional approaches to risk assessment — where vulnerabilities, misconfigurations and threats are identified and prioritized in isolation — often fall short in such environments.

Simplifying Cybersecurity: Advanced Persistent Threat Detection with NDR Solutions

Advanced Persistent Threats or APT are a growing concern in the business world. Hackers are constantly improving their tactics and adopting new vulnerabilities. Organizations are scrambling with the increasing sophistication of attacks and are ready to invest in cybersecurity solutions in the hopes of early Advanced Persistent Threat detection and mitigation. However, before choosing a solution, it is important to understand the meaning and nature of APT.

Fidelis Network Detection and Response (NDR): Proactive Cyber Defense for Evolving Threats

As cyberattacks are becoming more sophisticated, traditional security measures such as firewalls and intrusion detection systems (IDS) are no longer sufficient. That’s why Network Detection and Response (NDR) is brought into the picture, to provide better and advanced solutions. It comes with real-time detection, automated responses, and advanced analysis. This blog focuses on the protective defense capabilities of NDR in cyber security.