Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Code similarity analysis with r2diaphora

Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

Cloud Infrastructure Entitlements Management (CIEM) with Sysdig Secure

Discover what CIEM Security is and how easy it is to implement with Sysdig Secure for cloud. Over-permissioned accounts and roles are the most common cloud service misconfiguration security problem. Implementing least privilege is a crucial best practice to avoid or mitigate risks of data breaches and contain privilege escalation and lateral movement.

Remediating Excessive IAM permissions in less than 2 minutes with Sysdig Secure

Over-privileged users in the cloud are everywhere! Security teams are struggling to get visibility into who should have access to what or how to enforce least privilege access. How do you manage excessive permissions in the cloud? Let's dig in! Sysdig reduces the time to secure identities on the cloud to as little as two minutes.

Snyk Code adds Apex, Swift language support + API, GraphQL security

Snyk Code has had a tremendous 2021. It started the year supporting three languages — Java, JavaScript, and TypeScript — and has since added Python, C#, PHP, Ruby, and Go. More languages and features are on the horizon, and in this article, we’re happy to announce the addition of Swift and Salesforce’s Apex support, as well as API and GraphQL security. Let’s get into it!

Arctic Wolf Survey Unveils Where Firms Now Stand on Cyber Insurance

This August we commissioned a survey of over 1,400 senior IT decision-makers and business executives in the US, UK, and Canada. Our initial publication of the findings dug deep into their thoughts and attitudes on many issues, including nation-state attacks and hybrid work. In addition, however, our survey featured several questions on cyber insurance. So in this article, we’ll provide the cyber insurance insights shared by the survey respondents.

Streaming Auth0 Logs to Datadog | Sivamuthu Kumar (Computer Enterprises, Inc.)

Are you using Auth0 in your application for user logins? How will you monitor the Auth0 logs and detect user actions that could indicate security concerns? In this session, we will see how Datadog helps you extend security monitoring by analyzing Auth0 user activity in the logs. We will also see how to set up threat detection rules to trigger notifications automatically based on them.

Three Cloud SIEM innovations that improve team collaboration, tailor SOC workflows, and encourage customization

Sumo Logic is constantly improving our Cloud SIEM solution to meet the needs and demands of our current and future customers and help them modernize their security operations. Via our cloud-native platform, our engineers perform continuous delivery of product features and improvements to all Cloud SIEM customers—simultaneously—several times each week.

Cybersecurity Insights - Fileless Attacks

In just the first half of 2021, script-based fileless malware attacks have already nearly reached their entire 2021 total, which in itself was up 888% from the year prior. These highly evasive threats use living-off-the-land (LotL) techniques to fly in under the radar and sneak past many legacy endpoint protections. In this Cybersecurity Insights, WatchGuard Security Operations Manager Marc Laliberte will discuss what fileless malware is, how it works, how attackers are using it, and what you need to do to keep your systems safe from this massively popular threat.