Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Importance of Operational Data in Incident Context

Network/Security Operations Center (NOC/SOC) engineers and service desk personnel are tasked to process numerous incidents as quickly as possible. However, to resolve an incident they are required to to perform various activities including collecting various operations data including metrics, logs, traces and more from different tools. In many cases, the process also involves coordinating with other IT personnel or creating a war room to bring the incident to closure.

How to protect your crown Jewels while working remotely

The crown Jewels, part of the Royal Collection, are the most powerful symbols of the British Monarchy. They are housed in the ‘Jewel House’, vault at the Tower of London. Ever since attempts have been made to steal the crown jewels their security has been tightened. Conventional methods to protect the crown jewels are not sophisticated enough to stop the highly motivated adversarial threats. Let’s take a closer look at how these jewels are protected.

How to Listen for Webhooks with Python

Webhooks run a large portion of the "magic" that happens between applications. They are sometimes called reverse APIs, callbacks, and even notifications. Many services, such as SendGrid, Stripe, Slack, and GitHub use events to send webhooks as part of their API. This allows your application to listen for events and perform actions when they happen. In a previous article, we looked at how to consume webhooks with Node.js and Express.

Authentication Header in Network Security

Ensuring authentication is one of the pillars in cyber security. That is why authentication header is one of the crucial practices. In this article, we will explain what authentication header is and how it can be useful for your organization. Almost every cyber security and/or information security expert knows about the famous CIA triad: Confidentiality, Integrity and Availability. These three consist the pillars of data security.

Your return-to-the-office cybersecurity checklist

The novel COVID-19 pandemic has changed the way organizations work. The sudden transition to remote work has forced organizations to look for temporary fixes to bridge the gap, leaving their endpoints exposed to an unprecedented threat landscape. Insecure internet connections, a lack of perimeter security, and the inability to implement effective security policies have made remote endpoints a breeding ground for threat actors.

Threat hunting explained

The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats.

AppSec: Pushing Left, Like A Boss

With incident response and penetration testing currently receiving most of our application security dollars, it would appear that industry has decided to treat the symptom instead of the disease. “Pushing left” refers to starting security earlier in the SDLC; addressing the problem throughout the process. From scanning your code with a vulnerability scanner to red team exercises, developer education programs and bug bounties, this talk will show you how to ‘push left', like a boss.