Digital infrastructure is constantly evolving, forcing security professionals to strengthen security operations at an accelerated pace to mitigate risks. With that said, organizations increasingly realize how essential API security is to their information security strategy, and are evaluating solutions that are being touted as potential tools to secure APIs. Recently, eBPF (an evolution of Berkeley Packet Filter) has been a topic of discussion as a method for collecting data on APIs.

Misconfigured internet-facing servers are a growing risk for organizations and one of the preferred weapons for ransomware gangs to break into their victims’ networks.

In the event of a cyber attack, how confident are you that your Azure SQL data is safe and recoverable? As a commitment to cyber-proofing the cloud, we’re pleased to introduce new security enhancements to our previously-announced Azure SQL protection. Now, businesses and government agencies can further minimize the risk of data loss in Azure SQL databases and Managed Instances.

It seems like every week another household brand announces that they’ve been the victim of a data breach. Recently, cloud communications company Twilio announced that its internal systems were breached after attackers obtained employee credentials using an SMS phishing attack. Around the same time, Cloudflare, a content delivery network and DDoS mitigation company, reported that its employees were also targeted but their systems were not compromised.

The Higher Education Community Vendor Assessment Toolkit (HECVAT) helps higher education mitigate the impact of security risks of vendor relationships offering cloud-based services. With supply chain attacks on the rise, and vendor risks ranking in the top three initial attack vectors for data breaches, HECVAT compliance is becoming a mandatory requirement for partnering with higher education institutions.

According to Gartner, 20 percent of organizations have experienced at least one attack on IoT tech in the past three years. Unsecured network connections with Internet access compromise data privacy. Through them, third parties can gain remote control over the device.

Blackhat 2022, on its 25th anniversary, took place this week in Las Vegas. The most important event for the infosec community and the best place for security vendors to showcase all their innovations and products in this ever-growing ecosystem. This year, attendees come from 111 different countries. In 2020, Black Hat added the word Cloud to the existing track about Platform Security.

All app development companies are aware of the importance of mobile application security testing. Despite this, the app stores are full of potentially vulnerable apps. One of the reasons for this is the myths surrounding the mobile application security testing concept - how it might be complicated or expensive to get security. However, this blog will dispel these myths and present a true picture of mobile application security testing.

Secure your apps! Protect sensitive data! Easy to say, harder to find solid answers on all the bits and pieces you need to adjust to make sure that happens. That's why we've put together this list of practical advice for securing your Ruby on Rails applications. Whether you're a Rails developer or work on any stack that relies on cloud technologies, we think you'll find something that stands out.